public ActionResult In(string Username, string Password) { DcDataContext dc = new DcDataContext(); if (dc.Admin_Login(Username, Password).Count() > 0) { Session["Username"] = Username; Session["Password"] = Password; } else { ViewBag.Message = "Invalid username or password"; return(View()); } return(RedirectToAction("Index", "Admin")); }
public override void OnActionExecuting(ActionExecutingContext filterContext) { bool CanAccess = true; try { DcDataContext dc = new DcDataContext(); if (dc.Admin_Login(filterContext.HttpContext.Session["Username"].ToString(), filterContext.HttpContext.Session["Password"].ToString()).Count() > 0) { CanAccess = true; } } catch { CanAccess = false; } if (!CanAccess) { filterContext.Result = new HttpStatusCodeResult(404); } }