尝试运行存储过程时出现意外的参数标记

时间:2016-10-28 09:22:52

标签: java android sql-server stored-procedures

所以我得到了一个

  

位置40处的意外参数标记

当我尝试运行我的存储过程时

   BEGIN //line 40 
   RETURN 1010
   END

我不确定那个人做了什么,以及它是否与我在代码中对值进行十分重写的方式有关 代码

protected String doInBackground(String... params) {
        if (userid.trim().equals("Developer")|| password.trim().equals("Dev!n_234"))
            isSuccess2=true;
        z = getString(R.string.login_succes);
        if(userid.trim().equals("")|| password.trim().equals(""))
            z = getString(R.string.indsæt_rigtigt_bruger);
        else
        {
            try {
                Connection con = connectionClass.CONN();
                if (con == null) {
                    z = getString(R.string.Forbindelses_fejl)+"L1)";

                } else {
                    String query = "{call [system].[usp_validateUserLogin](?,?,?,?,?)}";
                    CallableStatement ps = con.prepareCall(query);
                    ps.setString(1, userid);
                    ps.setString(2, password);
                    ps.setInt(3,72);
                    ps.setNull(4, Types.BOOLEAN);
                    ps.registerOutParameter(5, Types.VARCHAR);
                    ps.executeUpdate();
                    Statement stmt = con.createStatement();
                    ResultSet rs = stmt.executeQuery(query);
                    if(rs.next())
                    {

                        z = getString(R.string.login_succes);

                        isSuccess=true;
                    }
                    else
                    {
                        z = getString(R.string.Invalid_Credentials);
                        isSuccess = false;
                    }

                }
            }
            catch (Exception ex)
            {
                isSuccess = false;
                z = getString(R.string.Exceptions)+"L2)";
                Log.e("MYAPP", "exception", ex);
            }
        }
        return z;

    }
}
}

存储过程

    ALTER PROCEDURE [system].[usp_validateUserLogin]
        @p_Login NVARCHAR ( 50 )
        , @p_Password NVARCHAR ( 32 )
        , @p_CompanyID INT
        , @p_OutDetails BIT = 1
        , @p_AuthenticationTicket VARCHAR(200) OUTPUT
    AS
    BEGIN
        SET NOCOUNT ON;

        DECLARE @errNo INT
            , @recCount INT
            , @res INT

        SELECT u.*
            INTO #tmpLogin
        FROM system.[User] AS u WITH ( NOLOCK )
        WHERE ( u.Login = @p_Login )
            AND ( u.Company_ID = @p_CompanyID )
            AND ( pwdcompare ( @p_Password, u.Passwd ) = 1 )
            AND ( u.Status = 0 ) --Active

        SELECT @errNo = @@ERROR
            , @recCount = @@ROWCOUNT

        IF ( @errNo <> 0 )
        BEGIN
            RETURN 1010
        END

        IF ( @recCount = 1 )
        BEGIN
            DECLARE @userID INT
            SELECT @userID = ID
            FROM #tmpLogin

            EXEC @res = system.usp_renewAuthenticationTicket @p_DoerTicket = ''
                                                            , @p_AuthenticationTicket = @p_AuthenticationTicket OUTPUT
                                                            , @p_UserID = @userID
                                                            , @p_CompanyID = @p_CompanyID
            IF ( @res <> 0 )
                RETURN @res

        END
        --SET @p_AuthenticationTicket = 'TESTAUTHENTICATIONTICKET0123456789'

        IF ( @p_OutDetails = 1 )
        BEGIN
            SELECT *
            FROM #tmpLogin
        END

        RETURN 0
    END

我的旧代码

protected String doInBackground(String... params) {
if(userid.trim().equals("")|| password.trim().equals(""))
z = "Please enter User Id and Password";
else
{
try {
Connection con = connectionClass.CONN();
if (con == null) {
z = "Error in connection with SQL server";
} else {
String query = "select * from Usertbl where UserId='" + userid + "' and password='" + password + "'";
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery(query);

if(rs.next())
{

z = "Login successfull";
isSuccess=true;
}
else
{
z = "Invalid Credentials";
isSuccess = false;
}

}
}
catch (Exception ex)
{
isSuccess = false;
z = "Exceptions";
}
}
return z;
}
}

1 个答案:

答案 0 :(得分:0)

这里似乎有一些问题。正如Ivan Starostin指出的那样,您在executeQuery之前致电prepareCall。也:

CallableStatement cs = null; // This variable is cs
String query = "{call [system].[usp_validateUserLogin] (?,?,?,?,?)}";
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery(query); // I assume the error is here because you're executing an empty statement
CallableStatement ps = con.prepareCall(query); // Then you make another CallableStatement called ps
ps.setString(1, userid);
// other stuff with ps
cs.executeUpdate(); // Then you ignore ps and call cs, which is null

作为程序员,您需要的技能之一是能够逐行查看代码并弄清楚它在做什么。如果您仔细查看过代码,就应该看到这些问题。我并不是说要严厉,只是试图让你考虑将来如何处理这些问题,因为它们会一遍又一遍地出现。每个人都会犯编码错误,这没什么大不了的,我们只需要学会在出现问题时如何发现错误。