存储过程给出了两组不需要的数据
Stored Procedure gives out two sets of unwanted data
我正在尝试创建一个存储过程来验证用户(登录),一切正常,除了用户输入未注册的电子邮件时。你看我已经处理了那个异常,如果 table 中的电子邮件地址计数为 0,它应该给出:
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
如果不为0,则执行下一个steps.The问题是当输入一个未注册的邮箱时,返回两组结果如下:
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
和
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
reference.What 的完整过程已给出,我在这里遗漏了什么吗?为什么它也给了我不想要的第二个结果?
Alter proc spValidateUser
@EmailAdd nvarchar(30),
@Password nvarchar(20)
as
begin
Set Nocount on;
Declare @UserId nvarchar(10),@LastLogin datetime,@RoleId int,@AccountLocked bit,@RetryCount int,@Count int
Select @Count=Count(EmailAdd) from tblAllUsers
where EmailAdd=@EmailAdd
if(@Count = 0) begin
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
end else
Select @AccountLocked=IsLocked from tblAllUsers where EmailAdd=@EmailAdd
----if account is already locked------
if(@AccountLocked = 1) begin
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
end else begin
-----check if username and password match-----
Select @UserId = UserId, @LastLogin=LastLogin, @RoleId=RoleId
from tblAllUsers where EmailAdd=@EmailAdd and Password=@Password
----if match found--------
If @UserId is not null Begin
Update tblAllUsers
SET LastLogin= GETDATE(),RetryAttempts=0 WHERE UserId=@UserId
Select @UserId [UserId],
(Select Role from tblRoles where RoleId=@RoleId) [Roles],0 as AccountLocked,1 as Authenticated,0 as RetryAttempts,1 as Registered
End Else Begin
------if match not found--------
Select @RetryCount=ISNULL(RetryAttempts,0) from tblAllUsers where EmailAdd=@EmailAdd
Set @RetryCount=@RetryCount+1
if(@RetryCount<=3) Begin
----if retry attempts are not completed------
Update tblAllUsers Set RetryAttempts=@RetryCount where EmailAdd=@EmailAdd
Select 0 as AccountLocked,0 as Authenticated,@RetryCount as RetryAttempts,1 as Registered
End Else Begin
------if retry attempts are completed--------
Update tblAllUsers Set RetryAttempts=@RetryCount,IsLocked=1,LockedDateTime=GETDATE()
where EmailAdd=@EmailAdd
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
End
End
End
End
编辑:看起来它也在执行以下代码:
Begin
------if retry attempts are completed--------
Update tblAllUsers Set RetryAttempts=@RetryCount,IsLocked=1,LockedDateTime=GETDATE()
where EmailAdd=@EmailAdd
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
End
但是当电子邮件不匹配时为什么要执行上面的代码?
我会像下面这样更改您的过程逻辑
if exists(Select 1 from tblAllUsers where EmailAdd=@EmailAdd)
Select 0 as AccountLocked,0 as
Authenticated,0 as RetryAttempts,0 as Registered
else
Select 1 as AccountLocked,0 as Authenticated,
0 as RetryAttempts,1 as Registered
您遇到的问题在这里:
Select @Count=Count(EmailAdd) from tblAllUsers
where EmailAdd=@EmailAdd
现在@count 将为零,如果以下情况,您将 return 0 作为 AccountLocked:
if(@Count = 0) begin
Select 0 as AccountLocked,0 as Authenticated,0 as Retry...
end else
Select @AccountLocked=IsLocked from tblAllUsers where EmailAdd=@EmailAdd
这只是其他,这里没有开始 + 结束块。
在这里您将检查帐户是否被锁定,但由于未找到,@AccountLocked 仍为 NULL
----if account is already locked------
if(@AccountLocked = 1) begin
Select 1 as AccountLocked,0 as Authenticated,0 as Retry...
end else begin
现在你在这里检查密码,即使用户甚至没有找到,所以这将永远找不到任何东西:
-----check if username and password match-----
Select @UserId = UserId, @LastLogin=LastLogin, @RoleId=RoleId
from tblAllUsers where EmailAdd=@EmailAdd and Password=@Password
----if match found--------
If @UserId is not null Begin
....
然后第二个结果集来自这里:
End Else Begin
------if match not found--------
我正在尝试创建一个存储过程来验证用户(登录),一切正常,除了用户输入未注册的电子邮件时。你看我已经处理了那个异常,如果 table 中的电子邮件地址计数为 0,它应该给出:
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
如果不为0,则执行下一个steps.The问题是当输入一个未注册的邮箱时,返回两组结果如下:
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
和
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
reference.What 的完整过程已给出,我在这里遗漏了什么吗?为什么它也给了我不想要的第二个结果?
Alter proc spValidateUser
@EmailAdd nvarchar(30),
@Password nvarchar(20)
as
begin
Set Nocount on;
Declare @UserId nvarchar(10),@LastLogin datetime,@RoleId int,@AccountLocked bit,@RetryCount int,@Count int
Select @Count=Count(EmailAdd) from tblAllUsers
where EmailAdd=@EmailAdd
if(@Count = 0) begin
Select 0 as AccountLocked,0 as Authenticated,0 as RetryAttempts,0 as Registered
end else
Select @AccountLocked=IsLocked from tblAllUsers where EmailAdd=@EmailAdd
----if account is already locked------
if(@AccountLocked = 1) begin
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
end else begin
-----check if username and password match-----
Select @UserId = UserId, @LastLogin=LastLogin, @RoleId=RoleId
from tblAllUsers where EmailAdd=@EmailAdd and Password=@Password
----if match found--------
If @UserId is not null Begin
Update tblAllUsers
SET LastLogin= GETDATE(),RetryAttempts=0 WHERE UserId=@UserId
Select @UserId [UserId],
(Select Role from tblRoles where RoleId=@RoleId) [Roles],0 as AccountLocked,1 as Authenticated,0 as RetryAttempts,1 as Registered
End Else Begin
------if match not found--------
Select @RetryCount=ISNULL(RetryAttempts,0) from tblAllUsers where EmailAdd=@EmailAdd
Set @RetryCount=@RetryCount+1
if(@RetryCount<=3) Begin
----if retry attempts are not completed------
Update tblAllUsers Set RetryAttempts=@RetryCount where EmailAdd=@EmailAdd
Select 0 as AccountLocked,0 as Authenticated,@RetryCount as RetryAttempts,1 as Registered
End Else Begin
------if retry attempts are completed--------
Update tblAllUsers Set RetryAttempts=@RetryCount,IsLocked=1,LockedDateTime=GETDATE()
where EmailAdd=@EmailAdd
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
End
End
End
End
编辑:看起来它也在执行以下代码:
Begin
------if retry attempts are completed--------
Update tblAllUsers Set RetryAttempts=@RetryCount,IsLocked=1,LockedDateTime=GETDATE()
where EmailAdd=@EmailAdd
Select 1 as AccountLocked,0 as Authenticated,0 as RetryAttempts,1 as Registered
End
但是当电子邮件不匹配时为什么要执行上面的代码?
我会像下面这样更改您的过程逻辑
if exists(Select 1 from tblAllUsers where EmailAdd=@EmailAdd)
Select 0 as AccountLocked,0 as
Authenticated,0 as RetryAttempts,0 as Registered
else
Select 1 as AccountLocked,0 as Authenticated,
0 as RetryAttempts,1 as Registered
您遇到的问题在这里:
Select @Count=Count(EmailAdd) from tblAllUsers
where EmailAdd=@EmailAdd
现在@count 将为零,如果以下情况,您将 return 0 作为 AccountLocked:
if(@Count = 0) begin
Select 0 as AccountLocked,0 as Authenticated,0 as Retry...
end else
Select @AccountLocked=IsLocked from tblAllUsers where EmailAdd=@EmailAdd
这只是其他,这里没有开始 + 结束块。
在这里您将检查帐户是否被锁定,但由于未找到,@AccountLocked 仍为 NULL
----if account is already locked------
if(@AccountLocked = 1) begin
Select 1 as AccountLocked,0 as Authenticated,0 as Retry...
end else begin
现在你在这里检查密码,即使用户甚至没有找到,所以这将永远找不到任何东西:
-----check if username and password match-----
Select @UserId = UserId, @LastLogin=LastLogin, @RoleId=RoleId
from tblAllUsers where EmailAdd=@EmailAdd and Password=@Password
----if match found--------
If @UserId is not null Begin
....
然后第二个结果集来自这里:
End Else Begin
------if match not found--------