所以我得到了一个
位置40处的意外参数标记
当我尝试运行我的存储过程时
BEGIN //line 40
RETURN 1010
END
我不确定那个人做了什么,以及它是否与我在代码中对值进行十分重写的方式有关 代码
protected String doInBackground(String... params) {
if (userid.trim().equals("Developer")|| password.trim().equals("Dev!n_234"))
isSuccess2=true;
z = getString(R.string.login_succes);
if(userid.trim().equals("")|| password.trim().equals(""))
z = getString(R.string.indsæt_rigtigt_bruger);
else
{
try {
Connection con = connectionClass.CONN();
if (con == null) {
z = getString(R.string.Forbindelses_fejl)+"L1)";
} else {
String query = "{call [system].[usp_validateUserLogin](?,?,?,?,?)}";
CallableStatement ps = con.prepareCall(query);
ps.setString(1, userid);
ps.setString(2, password);
ps.setInt(3,72);
ps.setNull(4, Types.BOOLEAN);
ps.registerOutParameter(5, Types.VARCHAR);
ps.executeUpdate();
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery(query);
if(rs.next())
{
z = getString(R.string.login_succes);
isSuccess=true;
}
else
{
z = getString(R.string.Invalid_Credentials);
isSuccess = false;
}
}
}
catch (Exception ex)
{
isSuccess = false;
z = getString(R.string.Exceptions)+"L2)";
Log.e("MYAPP", "exception", ex);
}
}
return z;
}
}
}
存储过程
ALTER PROCEDURE [system].[usp_validateUserLogin]
@p_Login NVARCHAR ( 50 )
, @p_Password NVARCHAR ( 32 )
, @p_CompanyID INT
, @p_OutDetails BIT = 1
, @p_AuthenticationTicket VARCHAR(200) OUTPUT
AS
BEGIN
SET NOCOUNT ON;
DECLARE @errNo INT
, @recCount INT
, @res INT
SELECT u.*
INTO #tmpLogin
FROM system.[User] AS u WITH ( NOLOCK )
WHERE ( u.Login = @p_Login )
AND ( u.Company_ID = @p_CompanyID )
AND ( pwdcompare ( @p_Password, u.Passwd ) = 1 )
AND ( u.Status = 0 ) --Active
SELECT @errNo = @@ERROR
, @recCount = @@ROWCOUNT
IF ( @errNo <> 0 )
BEGIN
RETURN 1010
END
IF ( @recCount = 1 )
BEGIN
DECLARE @userID INT
SELECT @userID = ID
FROM #tmpLogin
EXEC @res = system.usp_renewAuthenticationTicket @p_DoerTicket = ''
, @p_AuthenticationTicket = @p_AuthenticationTicket OUTPUT
, @p_UserID = @userID
, @p_CompanyID = @p_CompanyID
IF ( @res <> 0 )
RETURN @res
END
--SET @p_AuthenticationTicket = 'TESTAUTHENTICATIONTICKET0123456789'
IF ( @p_OutDetails = 1 )
BEGIN
SELECT *
FROM #tmpLogin
END
RETURN 0
END
我的旧代码
protected String doInBackground(String... params) {
if(userid.trim().equals("")|| password.trim().equals(""))
z = "Please enter User Id and Password";
else
{
try {
Connection con = connectionClass.CONN();
if (con == null) {
z = "Error in connection with SQL server";
} else {
String query = "select * from Usertbl where UserId='" + userid + "' and password='" + password + "'";
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery(query);
if(rs.next())
{
z = "Login successfull";
isSuccess=true;
}
else
{
z = "Invalid Credentials";
isSuccess = false;
}
}
}
catch (Exception ex)
{
isSuccess = false;
z = "Exceptions";
}
}
return z;
}
}
答案 0 :(得分:0)
这里似乎有一些问题。正如Ivan Starostin指出的那样,您在executeQuery之前致电prepareCall。也:
CallableStatement cs = null; // This variable is cs
String query = "{call [system].[usp_validateUserLogin] (?,?,?,?,?)}";
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery(query); // I assume the error is here because you're executing an empty statement
CallableStatement ps = con.prepareCall(query); // Then you make another CallableStatement called ps
ps.setString(1, userid);
// other stuff with ps
cs.executeUpdate(); // Then you ignore ps and call cs, which is null
作为程序员,您需要的技能之一是能够逐行查看代码并弄清楚它在做什么。如果您仔细查看过代码,就应该看到这些问题。我并不是说要严厉,只是试图让你考虑将来如何处理这些问题,因为它们会一遍又一遍地出现。每个人都会犯编码错误,这没什么大不了的,我们只需要学会在出现问题时如何发现错误。