我创建了一个用于登录的存储过程,它计算三个表中的行以匹配电子邮件和密码,并且它执行正常,除非在输出后面的代码中调用总是为零,这里是存储过程:
ALTER PROCEDURE dbo.StoredProcedure1
(
@Email nvarchar(50),
@pass nvarchar(50),
@outres int = null OUTPUT,
@outres1 int = null OUTPUT,
@outres2 int = null OUTPUT,
@outres3 int = null OUTPUT
)
AS
DECLARE @UserId INT
set @outres1 = (SELECT count(*) FROM [dbo].Admins
WHERE admin_Email=@Email AND admin_Pass=@pass)
if (@outres1=1)
begin
set @outres=@outres1
SELECT @UserId = adminID
FROM [dbo].Admins WHERE admin_Email=@Email AND admin_Pass=@pass
set @outres1= @UserId
RETURN @outres
end
set @outres2= (SELECT count(*) FROM [dbo].Instructors
WHERE inst_Email=@Email AND inst_Pass=@pass)
if (@outres2=1)
begin
set @outres=@outres2
SELECT @UserId = instructorID
FROM [dbo].Instructors
WHERE inst_Email=@Email AND inst_Pass=@pass
set @outres2= @UserId
RETURN @outres
end
set @outres3= (SELECT count(*) FROM [dbo].Students
WHERE stu_Email=@Email AND stu_Pass=@pass)
if (@outres3=1)
begin
set @outres= @outres3
SELECT @UserId = studentID
FROM [dbo].Students
WHERE stu_Email=@Email AND stu_Pass=@pass
set @outres3= @UserId
RETURN @outres
end
else
begin
set @outres=@outres3
set @outres1=0
set @outres2=0
set @outres3=0
RETURN @outres
end
它还会保存用户的用户ID(如果找到的话)。当我尝试在浏览器中登录时,我无法...后面的代码是:
public int Validate_Login(String _Email, String _Password)
{
string lbl;
string connstr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(connstr);
SqlCommand cmdselect = new SqlCommand();
cmdselect.CommandType = CommandType.StoredProcedure;
cmdselect.CommandText = "[dbo].[StoredProcedure1]";
cmdselect.Parameters.Add("@Email", SqlDbType.NVarChar, 50).Value = _Email;
cmdselect.Parameters.Add("@Password", SqlDbType.NVarChar, 50).Value = _Password;
cmdselect.Parameters.Add("@OutRes", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@OutRes1", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@OutRes2", SqlDbType.Int, 4);
cmdselect.Parameters.Add("@OutRes3", SqlDbType.Int, 4);
cmdselect.Parameters["@OutRes"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@OutRes1"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@OutRes2"].Direction = ParameterDirection.Output;
cmdselect.Parameters["@OutRes3"].Direction = ParameterDirection.Output;
cmdselect.Connection = con;
int Results = 0;
try
{
con.Open();
// SqlDataReader rd = cmdselect.ExecuteReader();
cmdselect.UpdatedRowSource = UpdateRowSource.OutputParameters;
cmdselect.ExecuteNonQuery();
//cmdselect.ExecuteScalar();
/* if (rd.HasRows)
{
rd.Read();
FormsAuthentication.RedirectFromLoginPage(ETB.Text, true);
Response.Redirect("Welcome.aspx");
}
else
{
lblmsg.Text = "Invalid username or password.";
}*/
Results = (int)cmdselect.Parameters["@OutRes"].Value;
int res1 = (int)cmdselect.Parameters["@OutRes1"].Value;
int res2 = (int)cmdselect.Parameters["@OutRes2"].Value;
int res3 = (int)cmdselect.Parameters["@OutRes3"].Value;
if (Results == 0)
{
Session["userID"] = null;
}
else
{
if (res1 != 0)
{
Session["userID"] = res1.ToString();
}
else if (res2 != 0)
{
Session["userID"] = res2.ToString();
}
else
{
Session["userID"] = res3.ToString();
}
}
}
catch (SqlException ex)
{
lbl = ex.Message;
}
finally
{
cmdselect.Dispose();
if (con != null)
{
con.Close();
}
}
return Results;
}
我已尝试过代码中的每个注释,此函数始终返回零..请帮助...
答案 0 :(得分:1)
您希望在存储过程中使用@pass但是传递@Password。作为旁注,请注意您的字符大小写,根据区分大小写的字符排序,您可能会遇到问题。
正确的代码应该是;
...
cmdselect.CommandText = "[dbo].[StoredProcedure1]";
cmdselect.Parameters.Add("@Email", SqlDbType.NVarChar, 50).Value = _Email;
cmdselect.Parameters.Add("@pass", SqlDbType.NVarChar, 50).Value = _Password;
...