我创建一个存储过程来检索表中的一行:
create procedure LogInUser
@username nvarchar(64),
@password nvarchar(64),
@succeed bit out,
@not_exist_err bit out
as
declare @exist_user nvarchar(64)
select @exist_user = username from users
where username = @username
if @exist_user is null
begin
set @succeed = 0
set @not_exist_err = 1
return
end
else
begin
select * from users
where username = @username and password = @password
end
return
首先,我使用以下方法验证用户是否存在:
select @exist_user = username from users
where username = @username
然后获取每列的行:
select * from users
where username = @username and password = @password
但是,通过使用SqlDataReader,程序将不会进入while循环来检索信息。
它只是不进入循环。我不明白为什么,即使我像这样使用SQL Server执行它,它确实返回一行:
declare @succeedResult bit
declare @existErr bit
exec LogInUser @username=admin, @password =admin, @succeed = @succeedResult, @not_exist_err = @existErr
编辑:执行存储过程的C#方法:
public User LogIn(User usr)
{
SqlConnection conn = A2.Controller.Utils.conn;
SqlCommand loginCmd = new SqlCommand("LogInUser", conn);
loginCmd.CommandType = CommandType.StoredProcedure;
User result = new User();
try
{
conn.Open();
loginCmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = usr.Username;
loginCmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = usr.Password;
loginCmd.Parameters.Add("@succeed", SqlDbType.Bit).Direction = ParameterDirection.Output;
loginCmd.Parameters.Add("@not_exist_err", SqlDbType.Bit).Direction = ParameterDirection.Output;
SqlDataReader dr = loginCmd.ExecuteReader();
if (loginCmd.Parameters["@succeed"].Value != DBNull.Value){
Console.WriteLine("User does not exist");
SqlParameter notExistErr = loginCmd.Parameters["@not_exist_err"];
if (notExistErr.Value != DBNull.Value){
throw new NotExistException("The username or password is incorrect.", "Users");
}
}
while (dr.Read()) {
Console.WriteLine("Looping dr");
result.Username = (string) dr["username"];
result.Password = (string) dr["password"];
result.FirstName = (string) dr["first_name"];
result.MiddleName = (string) dr["middle_name"];
result.LastName = (string) dr["last_name"];
result.ManagerID = (int) dr["manager_id"];
result.IsAdmin = (int) dr["is_admin"];
return result;
}
Console.WriteLine("Done reading");
}
finally {
if (conn.State == ConnectionState.Open) conn.Close();
}
return result;
}
答案 0 :(得分:2)
只有在读取过程中最后一个结果集的最后一行后,才会填充输出参数。所以这部分不起作用:
SqlDataReader dr = loginCmd.ExecuteReader();
if (loginCmd.Parameters["@succeed"].Value != DBNull.Value){
此时loginCmd.Parameters["@succeed"].Value未设置:只有在您阅读完最后一行后才会设置,dr.Read()已返回false。
作为最佳做法,请勿在返回行集的存储过程中使用output参数。
答案 1 :(得分:1)
您可以检查您的查询是返回结果还是未使用dr.HasRows,它应该看起来像......
SqlDataReader dr = loginCmd.ExecuteReader();
if (!dr.HasRows)
{
Console.WriteLine("User does not exist");
SqlParameter notExistErr = loginCmd.Parameters["@not_exist_err"];
if (notExistErr.Value != DBNull.Value)
{
throw new NotExistException("The username or password is incorrect.", "Users");
}
}
else
{
while (dr.Read())
{
Console.WriteLine("Looping dr");
result.Username = (string) dr["@username"];
result.Password = (string) dr["@password"];
result.FirstName = (string) dr["@first_name"];
result.MiddleName = (string) dr["@middle_name"];
result.LastName = (string) dr["@last_name"];
result.ManagerID = (int) dr["@manager_id"];
result.IsAdmin = (int) dr["@is_admin"];
return result;
}
}
答案 2 :(得分:0)
有点奇怪 - 我希望你的测试看起来像这样:
declare @succeedResult bit
declare @existErr bit
exec LogInUser @username=N'admin', @password =N'admin', @succeed = @succeedResult, @not_exist_err = @existErr
但这会带来简单的答案....你是否用有效的(即存在的)用户名和密码来调用你的函数?