经典ASP - 无法从SQL Server INSERT INTO获得预期的响应与OUTPUT INTO一起使用

时间:2018-01-29 13:27:20

标签: asp-classic sql-server-express

我正在尝试在Classic ASP

的SQL Server数据库中注册新用户

我很欣赏经典ASP已经过时,但我熟悉它并且它完成了我需要的工作(通常)。

这是代码...... 

<%
Set rs = CreateObject("ADODB.Recordset")
Set con = Server.CreateObject("ADODB.Connection")
con.ConnectionString="Provider=SQLOLEDB;" & _
    "Server=Server\SQLEXPRESS;" & _
    "Uid=IUSR;" & _
    "Pwd=Pwd;" & _
    "Database=DB"
con.Open

username="username"
password="password"


tsql="CREATE TABLE #newUserTable(UserID int); " & vbCrLf & _    
    "DECLARE @responseMessage NVARCHAR(50); " & vbCrLf & _
    "DECLARE @userID INT; " & vbCrLf & _
    "IF EXISTS (SELECT TOP 1 UserID FROM [dbo].[UserLogins] WHERE LoginName='" & username & "') " & vbCrLf & _
    "BEGIN " & vbCrLf & _
        "SET @responseMessage='User already exists' " & vbCrLf & _
    "END " & vbCrLf & _
    "ELSE " & vbCrLf &  _
    "BEGIN " & vbCrLf & _
        "DECLARE @salt UNIQUEIDENTIFIER=NEWID(); " & vbCrLf & _
        "BEGIN TRY " & vbCrLf & _
            "INSERT INTO dbo.UserLogins (LoginName,PasswordHash,Salt) " & vbCrLf & _
            "OUTPUT INSERTED.UserID INTO #newUserTable " & vbCrLf & _ 
            "VALUES ('" & username & "',HASHBYTES('SHA2_512', '" & password & "'+CAST(@salt AS NVARCHAR(36))),@salt); " & vbCrLf & _
            "SET @responseMessage=" & vbCrLf & _ 
            "CAST((SELECT userID FROM #newUserTable) AS NVARCHAR(50)); " & vbCrLf & _
        "END TRY " & vbCrLf & _
        "BEGIN CATCH " & vbCrLf & _
            "SET @responseMessage=ERROR_MESSAGE() " & vbCrLf & _ 
        "END CATCH " & vbCrLf & _
       "END " & vbCrLf & _
    "SELECT @responseMessage AS N'responseMessage'; " & vbCrLf & _
    "DROP TABLE #newUserTable"
'response.write tsql & "<hr />"
rs.open tsql, con
response.write rs("responseMessage")
rs.close
%>

当我尝试添加现有用户时,我得到了预期的User already exists响应,但当我尝试添加新用户时,我得到Item cannot be found in the collection corresponding to the requested name or ordinal,表明r responseMessage没有不存在。如果我将tsql输出到浏览器(用“
”替换vbCrLf)并在SQL Server中运行它,我会将userID返回为responseMessage,如我所料。

任何人都可以建议为什么会这样,以及我如何纠正它?

1 个答案:

答案 0 :(得分:1)

将您的上一个命令更改为SELECT @responseMessage AS N'responseMessage'(而不是Drop)。

您还可以尝试使用“SET NOCOUNT ON”来避免计算消息弄乱您的结果。

此外,您无需将vbCrLf添加到TSQL

您的代码应如下所示:

tsql="SET NOCOUNT ON; " &  _    
    "CREATE TABLE #newUserTable(UserID int); " &  _    
    "DECLARE @responseMessage NVARCHAR(50); " &  _
    "DECLARE @userID INT; " &  _
    "IF EXISTS (SELECT TOP 1 UserID FROM [dbo].[UserLogins] WHERE LoginName='" & username & "') " &  _
    "BEGIN " &  _
        "SET @responseMessage='User already exists' " &  _
    "END " &  _
    "ELSE " &   _
    "BEGIN " &  _
        "DECLARE @salt UNIQUEIDENTIFIER=NEWID(); " &  _
        "BEGIN TRY " &  _
            "INSERT INTO dbo.UserLogins (LoginName,PasswordHash,Salt) " &  _
            "OUTPUT INSERTED.UserID INTO #newUserTable " &  _ 
            "VALUES ('" & username & "',HASHBYTES('SHA2_512', '" & password & "'+CAST(@salt AS NVARCHAR(36))),@salt); " &  _
            "SET @responseMessage=" &  _ 
            "CAST((SELECT userID FROM #newUserTable) AS NVARCHAR(50)); " &  _
        "END TRY " &  _
        "BEGIN CATCH " &  _
            "SET @responseMessage=ERROR_MESSAGE() " &  _ 
        "END CATCH " &  _
       "END " &  _
    "DROP TABLE #newUserTable" &  _
    "SELECT @responseMessage AS N'responseMessage'; "
相关问题
最新问题