求asp.net存储过程验证登陆.
具体如下:
将用户名密码以参数的形式传递给调用存储过程的方法.该方法调用带输出参数存储过程(请将该方法的代码每行都添加注释.单纯只给代码不太了解原理.).如果用户名密码正确存储过程返回1,否返回0.
并请将存储过程代码一起贴上来.谢谢.
[解决办法]
验证口令的存储过程
Create or Replace Procedure Prc_A( user_id in varchar2, user_pwd in varchar2, check_out out number ) As tmp_pwd varchar2(20); Begin -- 验证密码之前可以先验证用户名称; -- -- 验证密码 select password into tmp_pwd from s_user where id = user_id; if tmp_pwd = user_pwd then check_out := 1; else check_out :=0; end if; End;
[解决办法]
public SqlDataReader GetUserLoginByProc(string sUserName, string sPassword) { SqlConnection con = DB.createDB(); SqlCommand cmd = new SqlCommand("Pr_GetUserLogin",con); //设置为执行存储过程 cmd.CommandType = CommandType.StoredProcedure; //添加存储过程参数 SqlParameter pUserName = new SqlParameter("@UserName",SqlDbType.VarChar,50); pUserName.Value = sUserName; cmd.Parameters.Add(pUserName); SqlParameter pPassword = new SqlParameter("@Password",SqlDbType.VarChar,100); pPassword.Value = sPassword; cmd.Parameters.Add(pPassword); SqlDataReader dr = null; try { con.Open(); dr = cmd.ExecuteReader(CommandBehavior.CloseConnection); } catch (SqlException ex) { throw new Exception(ex.Message,ex); } return dr; }protected void LoginBtn_Click(object sender, EventArgs e) { //如果页面输入合法 if (Page.IsValid==true) { if (Validator.Text != sValidator) { Message.Visible = true; Message.Text = "验证码输入错误,请重新输入验证码"; sValidator = CreateValidateString(6); ValidateImage.ImageUrl = sValidatorImageUrl + sValidator; return; } string userId = ""; User user = new User(); //对用户输入进行编码 string sUserName = Server.HtmlEncode(UserName.Text.Trim()); string sPassword = Server.HtmlEncode(Password.Text.Trim()); SqlDataReader recu = user.GetUserLoginByProc(sUserName,sPassword); if (recu.Read()) { userId = recu["UserID"].ToString(); } recu.Close(); if (userId != null && userId != "") { Session["UserID"] = userId; Response.Redirect("UserManage.aspx"); } else { sValidator = CreateValidateString(6); ValidateImage.ImageUrl = sValidatorImageUrl + sValidator; Message.Visible = true; Message.Text = "您输入的用户名或密码有误,请重新输入!"; } } }