Sql Query使用Reader对象

时间:2017-09-25 02:27:45

标签: c# sql-server linq

我目前正在使用Linq to Sql。我有一些知识编写linq查询以及如何转换它但是使用此查询我遇到了一些问题。任何人都可以帮助我这个linq查询后面的SQL查询。

这是存储过程。过程的名称是spAuthenticateUser .. 

CREATE proc [dbo].[spAuthenticateUser]
@UserName nvarchar(100),
@Password nvarchar(200)
as
Begin
 Declare @AccountLocked bit
 Declare @Count int
 Declare @RetryCount int

 Select @AccountLocked = IsLocked
 from tblUsers where UserName = @UserName

 --If the account is already locked
 if(@AccountLocked = 1)
 Begin
  Select 1 as AccountLocked, 0 as Authenticated, 0 as RetryAttempts
 End
 Else
 Begin
  -- Check if the username and password match
  Select @Count = COUNT(UserName) from tblUsers
  where [UserName] = @UserName and [Password] = @Password

  -- If match found
  if(@Count = 1)
  Begin
   -- Reset RetryAttempts 
   Update tblUsers set RetryAttempts = 0
   where UserName = @UserName

   Select 0 as AccountLocked, 1 as Authenticated, 0 as RetryAttempts
  End
  Else
  Begin
   -- If a match is not found
   Select @RetryCount = IsNULL(RetryAttempts, 0)
   from tblUsers
   where UserName = @UserName

   Set @RetryCount = @RetryCount + 1

   if(@RetryCount <= 3)
   Begin
    -- If re-try attempts are not completed
    Update tblUsers set RetryAttempts = @RetryCount
    where UserName = @UserName 

    Select 0 as AccountLocked, 0 as Authenticated, @RetryCount as RetryAttempts
   End
   Else
   Begin
    -- If re-try attempts are completed
    Update tblUsers set RetryAttempts = @RetryCount,
    IsLocked = 1, LockedDateTime = GETDATE()
    where UserName = @UserName

    Select 1 as AccountLocked, 0 as Authenticated, 0 as RetryAttempts
   End
  End
 End
End
GO

这是ADO.NET CODE .. 

public bool AuthenticateUser(UserLogin userLogin)
            {
                // ConfigurationManager class is in System.Configuration namespace
                string CS = ConfigurationManager.ConnectionStrings["DBCS"].ConnectionString;
                // SqlConnection is in System.Data.SqlClient namespace
                using (SqlConnection con = new SqlConnection(CS))
                {
                    SqlCommand cmd = new SqlCommand("spAuthenticateUser", con);
                    cmd.CommandType = CommandType.StoredProcedure;

                    //Formsauthentication is in system.web.security
                    string encryptedpassword = FormsAuthentication.HashPasswordForStoringInConfigFile(userLogin.Password, "SHA1");

                    //sqlparameter is in System.Data namespace
                    SqlParameter paramUsername = new SqlParameter("@UserName", userLogin.Username);
                    SqlParameter paramPassword = new SqlParameter("@Password", encryptedpassword);

                    cmd.Parameters.Add(paramUsername);
                    cmd.Parameters.Add(paramPassword);

                    con.Open();
                    SqlDataReader rdr = cmd.ExecuteReader();
                    while (rdr.Read())
                    {
                        int RetryAttempts = Convert.ToInt32(rdr["RetryAttempts"]);
                        if (Convert.ToBoolean(rdr["AccountLocked"]))
                        {
                            return true;
                        }
                        else if (RetryAttempts > 0)
                        {
                            int AttemptsLeft = (4 - RetryAttempts);
                            //lblMessage.Text = "Invalid user name and/or password. " +
                            //    AttemptsLeft.ToString() + "attempt(s) left";
                        }
                        else if (Convert.ToBoolean(rdr["Authenticated"]))
                        {
                            return true;
                        }

                    }
                    return false;
                }
            }

谢谢。

0 个答案:

没有答案
相关问题
最新问题