public ActionResult LogOn(User user, string returnUrl) { if (ModelState.IsValid) { // VERY SIMPLE user validation! var userInDb = Session.QueryOver<User>() .Where(x => x.LoginName == user.LoginName) .And(x => x.Password == user.Password) .SingleOrDefault(); if (userInDb != null) { FormsAuthentication.SetAuthCookie(user.LoginName, true); if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } else { ModelState.AddModelError("", "The user name or password provided is incorrect."); } } return View(user); }
public static Project CreateProject(string name, DateTime startDate, DateTime? endDate, User owner, IEnumerable<User> participants) { var project = new Project { Name = name, StartDate = startDate, EndDate = endDate, Owner = owner, }; foreach (var participant in participants) { project.Participants.Add(participant); } return project; }