public ActionResult Login(string username, string password, string remember) { if (Session[imHere_Login] == null) { return RedirectToAction("Login"); } if (!String.IsNullOrEmpty(username) && !String.IsNullOrEmpty(password)) { using (Account account = new Account(database)) { var user = account.GetUser(username, password); if (user != null) { // be sure the session is empty before continuing Session.Clear(); Session["user"] = user; account.SetLastVisit(user.id, RequestIP()); return RedirectToAction("Index", "Editor"); } else { ViewBag.error = "Email or Password not valid"; } } } return View(); }