此代码不设置某些值

时间:2017-04-26 11:40:02

标签: tsql

因此,我正在为tsql编写一些程序,以便让团队项目重新开始,我正在尝试编写一些内容来创建带有密码的用户配置文件。但是,当我运行此代码时,@ seedno和@saltval的值永远不会被设置,因此我的哈希密码最终为空值。有人可以提供帮助吗? 

CREATE PROCEDURE [dbo].[CreateCustomerAccount]
    @companyName nvarchar (50),
    @emailAddress nvarchar(50),
    @password nvarchar (100),
    @Addr1  nvarchar (50),
    @Addr2  nvarchar (50),
    @Addr3  nvarchar (50),
    @postCode nvarchar (11),
    @Telephone NVARCHAR (20),
    @vatNo NVARCHAR (20) 

AS
    SET NOCOUNT ON

    --Declare some variables here
    DECLARE     
        @pwdSalt NVARCHAR (25),
        @Seed INT,                                  /* this is going to store the randomly generated seed we will use to make the salt */
        @CurrentChar CHAR,
        @SaltedPwd NVARCHAR (125),
        @LoopCountVar TINYINT,                      /*because counting is fun, kids :). */
        @Seedno integer,
        @saltval CHAR 




        --Generate a seed using the customers email address and a psuedo random number generator.

        SET @LoopCountVar = 0;

        WHILE @LoopCountVar <= LEN(@emailAddress)
            BEGIN
                SET @CurrentChar = SUBSTRING(@EmailAddress, @LoopCountVar, 1)

                SET @Seedno = (ASCII(@currentChar)*CRYPT_GEN_RANDOM(10000))

                SET @Seed = @Seed + @Seedno   --Add the integer value of the current character multiplied by a random number between 0 and 100,000 to the seed

                SET @LoopCountVar = @LoopCountVar+1

            END;

    --Now, populate our salt string by inserting random characters using the seed we just created.
    SET @LoopCountVar = 0;

    while @loopCountVar <= 25
    BEGIN
        SET @saltval = CHAR (ROUND((RAND()*94)+32,3))
        SET @pwdSalt = @pwdSalt + @saltval
        SET @LoopCountVar = @LoopCountVar+1 
    END;

    --Time for delicious delicious salted hash
    Set @SaltedPwd = @pwdSalt+@password;

    -- Insert data into table
    Insert into Customer (orgName, Email, AccountPwd, PwdSalt, AddressLine1, AddressLine2, AddressLine3, PostCode, TelephoneNo, VATNo)
    VALUES (@companyName, @emailAddress, HASHBYTES('MD5', @SaltedPwd), @pwdSalt, @Addr1, @Addr2, @Addr3, @postCode, @Telephone, @vatNo);
RETURN 0

2 个答案:

答案 0 :(得分:0)

你有几件事需要解决。 首先,您尝试将ASCII()函数返回值(INT)乘以VARBINARY(80),这是CRYPT_GEN_RANDOM()函数的返回类型。

其次,您使用大于8000的参数长度调用CRYPT_GEN_RANDOM(10000),这是此函数可以使用的最大长度。

查看thisthis个链接。 通常,您可以在进行任何计算之前逐步调试存储过程主体,逐步选择其中包含的变量的值。

答案 1 :(得分:0)

这似乎是一种非常迂回的方式来生成密码。 无论如何,在你的第二个循环中你使用了一个未赋值的变量,这使得结果为null

试试这个:

SET @LoopCountVar = 0;
SET @pwdSalt=''
while @loopCountVar <= 25
BEGIN
    SET @saltval = CHAR (ROUND((RAND()*94)+32,3))
    SET @pwdSalt = @pwdSalt + @saltval
    SET @LoopCountVar = @LoopCountVar+1 
END;
相关问题
最新问题