将用户输入与已建立的表格列进行比较

时间:2016-12-08 21:43:18

标签: sql sql-server stored-procedures comparison

我有一个用户输入进入数据库以与表格列进行比较。我在列上找到了大量有关比较另一列的信息,但这些列似乎无法正常工作。

这是我的代码:

CREATE Procedure Check_Previous_Passwords
    @ua_pk uniqueidentifier,
    @IncomingPassword varchar(25)
AS
    DECLARE @TempTable TABLE (Passwords varchar(25))

    INSERT INTO @TempTable
    SELECT *
    FROM User_Passwords
    WHERE ua_fk = @ua_pk

    IF @IncomingPassword = @TempTable.Passwords
        --Then do stuff

GO

我很确定这是我完全忽略的东西。谢谢!

2 个答案:

答案 0 :(得分:3)

您不应该将密码作为明文传递。

我也不知道你为什么要创建一个临时表。你可以这样做:

if (exists (select 1 from User_Passwords up where up.ua_fk = @ua_pk and @IncomingPassword = up.Password))
begin
. . .
end;
else
begin
. . .
end;

答案 1 :(得分:1)

CREATE Procedure Check_Previous_Passwords
    @ua_pk uniqueidentifier,
    @IncomingPassword varchar(25)
AS
    DECLARE @Temp VARCHAR(25)

    SET @Temp = (SELECT TOP 1 Password 
                 FROM User_Passwords 
                 WHERE ua_fk = @ua_pk 
                 ORDER BY someDate DESC)


    IF @IncomingPassword = @Temp
        BEGIN
              SELECT 'You can't reuse the same PW'
        END
    ELSE
        BEGIN
              --do work
        END

GO

这只是检查最后一个密码,以确保它不相同。如果要检查最后N个密码,我们可以使用IN子句或EXISTS 

CREATE Procedure Check_Previous_Passwords
    @ua_pk uniqueidentifier,
    @IncomingPassword varchar(25)
AS
    DECLARE @Temp VARCHAR(25)

    SET @Temp = (SELECT TOP 1 Password 
                 FROM User_Passwords 
                 WHERE ua_fk = @ua_pk 
                 ORDER BY someDate DESC)


    IF (EXISTS (SELECT 1 FROM User_Passwords up where up.ua_fk = @ua_pk and @IncomingPassword = up.Password))
        BEGIN
              SELECT 'You can't reuse the same PW'
        END
    ELSE
        BEGIN
              --do work... like an insert
        END

GO
相关问题
最新问题