在这个Bellow Code中我不能获得Loginname的价值..为什么？另外如何使用Loginname作为输入输出变量？ [英] In This Bellow Code I Cant Get Value Of Loginname .. Why? Also How Can Use Loginname As Input Output Variable?

问题描述

GO
/ ******对象：StoredProcedure [dbo]。[spEX_LoginUser]

SET ANSI_NULLS ON

GO

SET QUOTED_IDENTIFIER ON

GO

ALTER PROCEDURE [dbo]。[spEX_LoginUser]

（

@ loginname varchar（50），

@password varchar（50）

）

AS

BEGIN

如果EXISTS（SELECT LoginName，[Password] FROM EX_Candidate WHERE LoginName = @ loginname AND [Password] = @ password AND Appeared = 0）

BEGIN

SELECT 1 AS Status，@ loginname as LoginName，'Login Successful'AS ReturnMessage

END

else

BEGIN

SELECT 0 AS Status，@ loginname as LoginName，'User does not exists'作为ReturnMessage

END



END

解决方案

首先，为什么要返回传入的值？使用它的代码已经知道了......或者它无法传递给你。

其次，永远不要以明文形式存储密码 - 这是一个主要的安全风险。有关如何在此处执行此操作的信息：密码存储：如何做到这一点。 [ ^ ]

GO /****** Object: StoredProcedure [dbo].[spEX_LoginUser]
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[spEX_LoginUser]
(
@loginname varchar(50),
@password varchar(50)
)
AS
BEGIN
IF EXISTS(SELECT LoginName, [Password] FROM EX_Candidate WHERE LoginName=@loginname AND [Password]=@password AND Appeared=0)
BEGIN
SELECT 1 AS Status,@loginname as LoginName,'Login Successful' AS ReturnMessage
END
else
BEGIN
SELECT 0 AS Status,@loginname as LoginName,'User doesnot exists' as ReturnMessage
END

END

解决方案

First, why return a value that you pass in? The code that uses it already knows it...or it couldn't pass it to you.
Second, never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]

这篇关于在这个Bellow Code中我不能获得Loginname的价值..为什么？另外如何使用Loginname作为输入输出变量？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！