public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { if (this.userProcessor.LogOnUser(model.UserName, model.Password)) { FormsAuthentication.SetAuthCookie(model.UserName, true); this.userProcessor.SetRoleToUserFromDB(model.UserName); if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return this.Redirect(returnUrl); } else { return this.RedirectToAction("Index", "Landing"); } } else { ModelState.AddModelError(string.Empty, "Incorrect email or password!"); } } return this.View(model); }