执行 SPROC - 返回值 = -1
Executing SPROC - Returning Value = -1
我设置了一个 SPROC 来验证登录凭据,但是当我从我的代码中执行它时,我似乎无法将其设置为 return 正确的值。当我尝试从 C# 执行它时,即使我输入了正确的用户名和密码组合,它也会保持 returning 值“-1”,但当我直接从 SSMS 执行它时,它工作得很好。
存储过程
USE [database]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROC [dbo].[usp_ReadUserLogin]
@LoginUsername VARCHAR(50),
@LoginPassword VARCHAR(100)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @Salt CHAR(25);
DECLARE @PasswordSalt VARCHAR(125);
DECLARE @PasswordHash VARBINARY(255);
SELECT @Salt = [dbo].[users].[salt], @PasswordHash = [dbo].[users].[password]
FROM [dbo].[users] WHERE [dbo].[users].[username] = @LoginUsername;
SET @PasswordSalt = @Salt + @LoginPassword;
IF (HASHBYTES('SHA2_512', @PasswordSalt) = @PasswordHash)
RETURN 0; /*Match*/
ELSE
RETURN 1; /*No Match*/
END;
GO
控制器
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(User u)
{
if (ModelState.IsValid) // this is check validity
{
using (WebFTS.Models.webftsEntities db = new WebFTS.Models.webftsEntities())
{
//Method 1 - Still returns value = -1
//var sql = "EXEC [dbo].[usp_ReadUserLogin] @LoginUsername, @LoginPassword";
//var usernameParam = new SqlParameter("@LoginUsername", u.username);
//var passwordParam = new SqlParameter("@LoginPassword", u.password);
//var query = db.Database.ExecuteSqlCommand(sql, usernameParam, passwordParam);
//Method 2 - Still returns value = -1
var query = db.usp_ReadUserLogin(u.username, u.password);
if (query != 0)
{
ViewBag.message = "Incorrect username and/or password.";
}
else
{
var d = db.users.Where(model => model.username.Equals(u.username)).FirstOrDefault();
if (d != null)
{
Session["lid"] = d.user_id.ToString();
Session["lun"] = d.username.ToString();
return RedirectToAction("AfterLogin");
}
}
}
}
return View(u);
}
VIEW
<div style="margin-right:auto; margin-left:auto;">
<table style="overflow:hidden;">
<tr>
<td>Username</td>
<td>@Html.TextBoxFor(a => a.username)</td>
<td><b>@Html.ValidationMessageFor(a => a.username)</b></td>
</tr>
<tr>
<td>Password</td>
<td>@Html.PasswordFor(a => a.password) </td>
<td><b>@Html.ValidationMessageFor(a => a.password)</b></td>
</tr>
<tr>
<td></td>
<td></td>
<td align="right"><input type="submit" value="Login" class="button" /></td>
</tr>
</table>
</div>
如有任何帮助,我们将不胜感激。谢谢。
存储过程(更新)
USE [database]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROC [dbo].[usp_ReadUserLogin]
@LoginUsername VARCHAR(50),
@LoginPassword VARCHAR(100)
AS
BEGIN
--SET NOCOUNT ON;
DECLARE @userid INT;
DECLARE @Salt CHAR(25);
DECLARE @PasswordSalt VARCHAR(125);
DECLARE @PasswordHash VARBINARY(255);
SELECT @userid = [dbo].[users].[user_id], @Salt = [dbo].[users].[salt], @PasswordHash = [dbo].[users].[password]
FROM [dbo].[users] WHERE [dbo].[users].[username] = @LoginUsername;
SET @PasswordSalt = @Salt + @LoginPassword;
IF (HASHBYTES('SHA2_512', @PasswordSalt) = @PasswordHash)
SELECT @userid; /*Match*/
ELSE
SELECT 0; /*No Match*/
END;
GO
控制器(已更新)
System.Nullable<int> query = db.ReadUserLogin(u.username, u.password).SingleOrDefault();
if (query == 0)
ViewBag.message = "Incorrect username and/or password.";
else if (query.HasValue)
{
//follow the rest of the code to select the user.
}
感谢 Dude Pascalou 我能够解决我的问题。 link he provided 就是答案。我还更新了代码,所以如果有人需要,他们可以看到之前和之后。感谢协助!
要使其正常工作,您可以将 RETURN 替换为 SELECT 并删除 SET NOCOUNT ON; 语句。
我设置了一个 SPROC 来验证登录凭据,但是当我从我的代码中执行它时,我似乎无法将其设置为 return 正确的值。当我尝试从 C# 执行它时,即使我输入了正确的用户名和密码组合,它也会保持 returning 值“-1”,但当我直接从 SSMS 执行它时,它工作得很好。
存储过程
USE [database]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROC [dbo].[usp_ReadUserLogin]
@LoginUsername VARCHAR(50),
@LoginPassword VARCHAR(100)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @Salt CHAR(25);
DECLARE @PasswordSalt VARCHAR(125);
DECLARE @PasswordHash VARBINARY(255);
SELECT @Salt = [dbo].[users].[salt], @PasswordHash = [dbo].[users].[password]
FROM [dbo].[users] WHERE [dbo].[users].[username] = @LoginUsername;
SET @PasswordSalt = @Salt + @LoginPassword;
IF (HASHBYTES('SHA2_512', @PasswordSalt) = @PasswordHash)
RETURN 0; /*Match*/
ELSE
RETURN 1; /*No Match*/
END;
GO
控制器
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Login(User u)
{
if (ModelState.IsValid) // this is check validity
{
using (WebFTS.Models.webftsEntities db = new WebFTS.Models.webftsEntities())
{
//Method 1 - Still returns value = -1
//var sql = "EXEC [dbo].[usp_ReadUserLogin] @LoginUsername, @LoginPassword";
//var usernameParam = new SqlParameter("@LoginUsername", u.username);
//var passwordParam = new SqlParameter("@LoginPassword", u.password);
//var query = db.Database.ExecuteSqlCommand(sql, usernameParam, passwordParam);
//Method 2 - Still returns value = -1
var query = db.usp_ReadUserLogin(u.username, u.password);
if (query != 0)
{
ViewBag.message = "Incorrect username and/or password.";
}
else
{
var d = db.users.Where(model => model.username.Equals(u.username)).FirstOrDefault();
if (d != null)
{
Session["lid"] = d.user_id.ToString();
Session["lun"] = d.username.ToString();
return RedirectToAction("AfterLogin");
}
}
}
}
return View(u);
}
VIEW
<div style="margin-right:auto; margin-left:auto;">
<table style="overflow:hidden;">
<tr>
<td>Username</td>
<td>@Html.TextBoxFor(a => a.username)</td>
<td><b>@Html.ValidationMessageFor(a => a.username)</b></td>
</tr>
<tr>
<td>Password</td>
<td>@Html.PasswordFor(a => a.password) </td>
<td><b>@Html.ValidationMessageFor(a => a.password)</b></td>
</tr>
<tr>
<td></td>
<td></td>
<td align="right"><input type="submit" value="Login" class="button" /></td>
</tr>
</table>
</div>
如有任何帮助,我们将不胜感激。谢谢。
存储过程(更新)
USE [database]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROC [dbo].[usp_ReadUserLogin]
@LoginUsername VARCHAR(50),
@LoginPassword VARCHAR(100)
AS
BEGIN
--SET NOCOUNT ON;
DECLARE @userid INT;
DECLARE @Salt CHAR(25);
DECLARE @PasswordSalt VARCHAR(125);
DECLARE @PasswordHash VARBINARY(255);
SELECT @userid = [dbo].[users].[user_id], @Salt = [dbo].[users].[salt], @PasswordHash = [dbo].[users].[password]
FROM [dbo].[users] WHERE [dbo].[users].[username] = @LoginUsername;
SET @PasswordSalt = @Salt + @LoginPassword;
IF (HASHBYTES('SHA2_512', @PasswordSalt) = @PasswordHash)
SELECT @userid; /*Match*/
ELSE
SELECT 0; /*No Match*/
END;
GO
控制器(已更新)
System.Nullable<int> query = db.ReadUserLogin(u.username, u.password).SingleOrDefault();
if (query == 0)
ViewBag.message = "Incorrect username and/or password.";
else if (query.HasValue)
{
//follow the rest of the code to select the user.
}
感谢 Dude Pascalou 我能够解决我的问题。 link he provided 就是答案。我还更新了代码,所以如果有人需要,他们可以看到之前和之后。感谢协助!
要使其正常工作,您可以将 RETURN 替换为 SELECT 并删除 SET NOCOUNT ON; 语句。