SQL:
ALTER PROCEDURE UserLogin (@username varchar(30), @password varchar(20))
AS
SELECT *
FROM [User]
WHERE User_ID = @username AND Password = @password
IF @@ROWCOUNT = 1
RETURN 1
ELSE
RETURN 0
VB:
Imports System.Data
Imports System.Data.SqlClient
Imports System.Diagnostics
Public Class Login
Inherits System.Web.UI.Page
Dim connectionString As String = "Data Source=SIMON;Initial Catalog=AlphaSYS39414;Persist Security Info=True;User ID=xxxxx;Password=xxxxxx"
Protected Sub btnlogin_Click(sender As Object, e As EventArgs) Handles btnlogin.Click
Using connection As New SqlConnection(connectionString)
Dim account As String = txtusername.Text
Dim mypassword As String = txtpassword.Text
Dim ResponseNum As Integer
connection.Open()
Dim cmd As SqlCommand = New SqlCommand("UserLogin", connection)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.Add(New SqlParameter("@username", account))
cmd.Parameters.Add(New SqlParameter("@password", mypassword))
ResponseNum = cmd.ExecuteNonQuery()
Debug.Print(ResponseNum)
If ResponseNum = 1 Then
Response.Redirect("https://google.com")
Else
Response.Redirect("https://yahoo.com")
End If
End Using
End Sub
End Class
我试图让我的代码存储过程值返回1或0,然后相应地重定向,但每次它似乎返回-1。有什么建议吗?
答案 0 :(得分:0)
你的第一个SELECT妨碍了。
ALTER PROCEDURE UserLogin (@username varchar(30), @password varchar(20))
AS
IF EXISTS (SELECT * FROM [User] WHERE User_ID = @username AND Password = @password)
RETURN 1
ELSE
RETURN 0
您真的将密码保存在SQL Server表中吗?不是最安全的事情。