public override string ResetPassword(string username, string answer)
{
if (string.IsNullOrEmpty(username))
{
return string.Empty;
}
var oldPassword = string.Empty;
var randomPassword = Utils.RandomPassword();
using (var conn = this.CreateConnection())
{
if (conn.HasConnection)
{
using (var cmd = conn.CreateTextCommand(string.Format("SELECT password FROM {0}Users WHERE BlogID = {1}blogid AND userName = {1}name", this.tablePrefix, this.parmPrefix)))
{
// Check Old Password
cmd.Parameters.Add(conn.CreateParameter(FormatParamName("blogid"), Blog.CurrentInstance.Id.ToString()));
cmd.Parameters.Add(conn.CreateParameter(FormatParamName("name"), username));
using (var rdr = cmd.ExecuteReader())
{
if (rdr.Read())
{
oldPassword = rdr.GetString(0);
}
}
// Update Password
if (!string.IsNullOrEmpty(oldPassword))
{
cmd.CommandText = string.Format("UPDATE {0}Users SET password = {1}pwd WHERE BlogID = {1}blogid AND userName = {1}name", this.tablePrefix, this.parmPrefix);
cmd.Parameters.Add(conn.CreateParameter(FormatParamName("pwd"), (this.passwordFormat == MembershipPasswordFormat.Hashed ? Utils.HashPassword(randomPassword) : randomPassword)));
cmd.ExecuteNonQuery();
return randomPassword;
}
}
}
}
return string.Empty;
}