MySQL过程适用于php但不适用于asp.net(C#)

时间:2012-11-16 16:04:32

标签: c# php asp.net mysql

我已经用php作为服务器语言构建了一个带有MySQL后端的网站,现在我将在asp.net中构建相同的网站

以下过程在MySQL数据库中定义:

DELIMITER //
CREATE PROCEDURE Login(
    IN Username VARCHAR(16),
    IN UserPassword VARCHAR(16),
    OUT UID int,
    OUT SL INT,
    OUT SP VARCHAR(8),
    OUT MA BOOL)    -- missing admin entry
BEGIN
    DECLARE adminID INT DEFAULT -1;
    DECLARE lastTimeout DATETIME DEFAULT NULL;
    SET UID = -1;

    SELECT ID, SecurityLevel, LoginTimeout INTO UID, SL, lastTimeout
    FROM User
    WHERE User.UserName = Username and User.Password = UserPassword;

    IF NOW() > lastTimeout OR lastTimeOut IS NULL THEN
        IF lastTimeOut IS NOT NULL THEN
            INSERT INTO UserLog (UserID, Date, Action) VALUES (UID, NOW(), 'TIMEOUT');
        END IF;

        SELECT ID, Password INTO SL, SP
        FROM SecurityLevels
        WHERE ID = SL;

        SELECT UserID INTO adminID
        FROM Admin
        WHERE UserID = UID;

        IF adminID = -1 AND SL = 4 THEN SET MA = TRUE;
        ELSE SET MA = FALSE;
        END IF;

        IF UID != -1 THEN
            INSERT INTO UserLog (UserID, Date, Action) VALUES (UID, NOW(), 'LOGIN');
            UPDATE User SET User.LoginTimeOut = DATE_ADD(NOW(), INTERVAL 1 HOUR) WHERE User.ID = UID;
        END IF;
    ELSE
        SET UID = -1;
    END IF;

END //
DELIMITER ;

我使用的用户是:

CREATE USER 'LOGIN'@'%' IDENTIFIED BY '6Jd8kKi0';
GRANT execute ON procedure b09xxxxx.Login TO 'LOGIN'@'%';

现在,在php中,我这样做,它就像一个魅力:

$pdo = new PDO('mysql:dbname=b09xxxxx;host=wwwlab.xxx.xxx.se', 'LOGIN', '6Jd8kKi0');
$pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING );

$userID = 0;
$securityLevel = 0;
$securityPassword = "";

//$sql = "SELECT UserName, ID, SecurityLevel FROM User WHERE UserName = '" . $_POST['username'] . "' and Password = '" . $_POST['password'] . "';";
$sql = "CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA);";

$stmt = $pdo->prepare($sql);
$stmt->bindParam(':USERNAME', $_POST['username']);
$stmt->bindParam(':PASSWORD', $_POST['password']);
$stmt->execute();

//$q     = $pdo->query($sql) or die("ERROR:DB");

$sql = "SELECT @UID, @SL, @SP, @MA;";

$q   = $pdo->query($sql) or die("ERROR:DB");

$r = $q->fetch(PDO::FETCH_ASSOC);

但是这个asp.net(C#)版本不起作用:

string connectionString = "Server=wwwlab.xxx.xxx.se; Database=b09xxxxx; User ID=LOGIN; Password=6Jd8kKi0; Pooling=false;";
MySqlConnection dbcon = new MySqlConnection(connectionString);
dbcon.Open();

//string query = "CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA);";
//Now changed to this thanks to John Woo
string query = "Login";

MySqlCommand sqlCmd = new MySqlCommand(query, dbcon);
sqlCmd.CommandType = System.Data.CommandType.StoredProcedure;

sqlCmd.Parameters.AddWithValue(":USERNAME", loginUsername.Text);
sqlCmd.Parameters[":USERNAME"].Direction = ParameterDirection.Input;
sqlCmd.Parameters.AddWithValue(":PASSWORD", loginPassword.Text);
sqlCmd.Parameters[":PASSWORD"].Direction = ParameterDirection.Input;

sqlCmd.Parameters.Add(new MySqlParameter("@UID", MySqlDbType.Int64));
sqlCmd.Parameters["@UID"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@SL", MySqlDbType.Int64));
sqlCmd.Parameters["@SL"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@SP", MySqlDbType.String));
sqlCmd.Parameters["@SP"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@MA", MySqlDbType.Byte));
sqlCmd.Parameters["@MA"].Direction = ParameterDirection.Output;

sqlCmd.ExecuteNonQuery();

MySqlDataAdapter adapter = new MySqlDataAdapter("SELECT @UID, @SL, @SP, @MA;", dbcon);
DataSet ds = new DataSet();
adapter.Fill(ds, "result");

CustomerGrid.DataSource = ds.Tables["result"];
CustomerGrid.DataBind();               

dbcon.Close();http://stackoverflow.com/editing-help

我收到以下错误:

在数据库“CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA)”中找不到程序或功能“b09xxxxx”。

编辑:现在这是一个新问题:SELECT命令被拒绝用户'LOGIN'@'193.11.99.23'表'proc'

1 个答案:

答案 0 :(得分:1)

我认为在调用.Fill方法时会产生错误。

更改以下代码; 

MySqlDataAdapter adapter = new MySqlDataAdapter("SELECT @UID, @SL, @SP, @MA;", dbcon);
DataSet ds = new DataSet();
adapter.Fill(ds, "result");
CustomerGrid.DataSource = ds.Tables["result"];

使用; 

DataTable table = new DataTable();
table.Columns.Add("UID", typeof(int));
table.Columns.Add("SL", typeof(int));
table.Columns.Add("SP", typeof(string));
table.Columns.Add("MA", typeof(boolean));

table.Rows.Add(sqlCmd.Parameters["@UID"].Value, sqlCmd.Parameters["@SL"].Value, sqlCmd.Parameters["@SP"].Value, sqlCmd.Parameters["@MA"].Value);
CustomerGrid.DataSource = table
相关问题
最新问题