Esempio n. 1
0
        public ActionResult Register(Users u)
        {
            if (ModelState.IsValid)
            {
                using (UsersEntities dc = new UsersEntities())
                {
                    //you should check duplicate registration here
                    dc.Users.Add(u);
                    dc.SaveChanges();
                    ModelState.Clear();
                    System.Web.Security.FormsAuthentication.SetAuthCookie(u.Name, false);
                    u = null;

                }
            }
            return RedirectToAction("Index", "Home");
        }
Esempio n. 2
0
        public ActionResult Login(Users u, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                using (UsersEntities entities = new UsersEntities())
                {
                    string username = u.Name;
                    string password = u.Password;

                    // Now if our password was enctypted or hashed we would have done the
                    // same operation on the user entered password here, But for now
                    // since the password is in plain text lets just authenticate directly

                    bool userValid = entities.Users.Any(user => user.Name == username && user.Password == password);

                    // User found in the database
                    if (userValid)
                    {

                        System.Web.Security.FormsAuthentication.SetAuthCookie(username, false);
                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return Redirect(returnUrl);
                        }
                        else
                        {
                            return RedirectToAction("Index", "Home");
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or password provided is incorrect.");
                    }
                }
            }

            // If we got this far, something failed, redisplay form
            return View(u);
        }