这是一个奇怪的。我有一个Dev SQL Server,它上面有存储过程,当与UAT DB上的相同代码一起使用时,相同的存储过程导致它自己删除!
有没有人听说过这种行为?
SQL代码:
-- Check if user is registered with the system
IF OBJECT_ID('dbo.sp_is_valid_user') IS NOT NULL
BEGIN
DROP PROCEDURE dbo.sp_is_valid_user
IF OBJECT_ID('dbo.sp_is_valid_user') IS NOT NULL
PRINT '<<< FAILED DROPPING PROCEDURE dbo.sp_is_valid_user >>>'
ELSE
PRINT '<<< DROPPED PROCEDURE dbo.sp_is_valid_user >>>'
END
go
create procedure dbo.sp_is_valid_user
@username as varchar(20),
@isvalid as int OUTPUT
AS
BEGIN
declare @tmpuser as varchar(20)
select @tmpuser = username from CPUserData where username = @username
if @tmpuser = @username
BEGIN
select @isvalid = 1
END
else
BEGIN
select @isvalid = 0
END
END
GO
用法示例
DECLARE @isvalid int
exec dbo.sp_is_valid_user 'username', @isvalid OUTPUT
SELECT valid = @isvalid
使用示例全天工作......当我通过C#访问它时,它会在UAT SQL DB中删除自己,但不会删除Dev!
C#代码:
public bool IsValidUser(string sUsername, ref string sErrMsg)
{
string sDBConn = ConfigurationSettings.AppSettings["StoredProcDBConnection"];
SqlCommand sqlcmd = new SqlCommand();
SqlDataAdapter sqlAdapter = new SqlDataAdapter();
try
{
SqlConnection conn = new SqlConnection(sDBConn);
sqlcmd.Connection = conn;
conn.Open();
sqlcmd.CommandType = CommandType.StoredProcedure;
sqlcmd.CommandText = "sp_is_valid_user";
// params to pass in
sqlcmd.Parameters.AddWithValue("@username", sUsername);
// param for checking success passed back out
sqlcmd.Parameters.Add("@isvalid", SqlDbType.Int);
sqlcmd.Parameters["@isvalid"].Direction = ParameterDirection.Output;
sqlcmd.ExecuteNonQuery();
int nIsValid = (int)sqlcmd.Parameters["@isvalid"].Value;
if (nIsValid == 1)
{
conn.Close();
sErrMsg = "User Valid";
return true;
}
else
{
conn.Close();
sErrMsg = "Username : " + sUsername + " not found.";
return false;
}
}
catch (Exception e)
{
sErrMsg = "Error :" + e.Source + " msg: " + e.Message;
return false;
}
}
答案 0 :(得分:2)
好的,我找到了答案......当你知道怎么做时很简单!
我在这里看到了这个链接:
消失的存储过程
所以从我跑的最佳答案开始:
select syo.name
from syscomments syc
join sysobjects syo on
syo.id = syc.id
where syc.[text] like '%DROP PROC%'
这给了我一个我的其他存储过程... sp_is_user_admin,这似乎不对,所以我快速看了......
create procedure dbo.sp_is_user_admin
@username as varchar(20),
@isadmin as int OUTPUT
AS
BEGIN
declare @profile as varchar(20)
select @profile = profile from CPUserData where username = @username
if @profile = 'admin'
BEGIN
select @isadmin = 1
END
else
BEGIN
select @isadmin = 0
END
END
--*********************************************************************************
-- Check if user is registered with the system
IF OBJECT_ID('dbo.sp_is_valid_user') IS NOT NULL
BEGIN
DROP PROCEDURE dbo.sp_is_valid_user
IF OBJECT_ID('dbo.sp_is_valid_user') IS NOT NULL
PRINT '<<< FAILED DROPPING PROCEDURE dbo.sp_is_valid_user >>>'
ELSE
PRINT '<<< DROPPED PROCEDURE dbo.sp_is_valid_user >>>'
END
卫生署!!!在C#中有更强大的......如果用户有效,我还会根据他们是否是管理员选择让他们看到的内容,并调用sp_is_valid_user proc。令人讨厌的副作用!
// check the user is entitled to use the system at all
if (usrData.IsValidUser(sCurrentUserName, ref sErrMsg))
{
// if the user is admin then let them spoof and edit their own data
if (usrData.UserIsAdmin(sCurrentUserName, ref sErrMsg))
{
chkSpoof.Visible = true;
grdvwUserDataFromDB.Visible = true;
}
}
else
{
// redirect them away
Response.Redirect("UserNotRegistered.aspx");
return;
}
我希望这可以帮助其他人!
PS:DB Artisan 讨厌如果我在我的开发工具包中有完整的胖SQL服务器,那么我想我可以使用分析器看到这个被调用。 ; P我无法安装SQL Server 2008,因为我没有对Visual Studio进行正确的SP /更新我觉得这里的IT无法解决它,烦人!!