What I would like to do is use my spLogin stored procedure to return two values from the same table, both of which I would like to save in sessions in C#.
我想要做的是使用我的spLogin存储过程从同一个表中返回两个值,我想在C#中的会话中保存这两个值。
Here is the table
这是表格
create table tbClients
(
ClientID int primary key identity(0,1),
ClientFirstName varchar(20),
ClientLastName varchar(20),
ClientAddress varchar(60),
ClientOrigin varchar(20),
ClientUsername varchar(20),
ClientPassword int,
ClientSecurity int
)
When the client clicks the login button I want to code a procedure that will check to see if the user is valid, what their security level is, and that their first name is.
当客户端点击登录按钮时,我想编写一个程序来检查用户是否有效,他们的安全级别是什么,以及他们的名字是什么。
Here is what I have so far
这是我到目前为止所拥有的
create procedure spLogin(
@ClientUsername varchar(20),
@ClientPassword int
)
AS BEGIN
DECLARE @Security int
DECLARE @ClientFirstName varchar(20)
IF EXISTS (SELECT * FROM tbClients
WHERE ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword)
BEGIN
SELECT
@Security = ClientSecurity,
@ClientFirstName = ClientFirstName
FROM tbClients
WHERE
ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword
IF(@Security = 1)
BEGIN
SELECT 'Admin' as Security, @ClientFirstName
END
ELSE
BEGIN
SELECT 'Customer' as Security, @ClientFirstName
END
END
ELSE
BEGIN
SELECT 'INVALID'
END
END
GO
Don't know if this will work because I am not sure how to store these values in C# without using a dataset, which doesn't seem to be working so far?
不知道这是否会起作用,因为我不知道如何在不使用数据集的情况下将这些值存储在C#中,到目前为止这似乎不起作用?
4 个解决方案
#1
4
I would write this procedure a bit differently something like this.....
我会写这个程序有点像这样......
create procedure spLogin
@ClientUsername varchar(20)
,@ClientPassword int
,@Security VARCHAR(10) OUTPUT
,@ClientFirstName varchar(20) OUTPUT
,@ValidLogin INT OUTPUT
AS
BEGIN
SET NOCOUNT ON;
IF EXISTS (SELECT * FROM tbClients
WHERE ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword)
BEGIN
SELECT @ValidLogin = 1
,@Security = CASE WHEN ClientSecurity = 1
THEN 'Admin' ELSE 'Customer' END
,@ClientFirstName = ClientFirstName
FROM tbClients
WHERE ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword
END
ELSE
BEGIN
SET @ValidLogin = 0;
END
END
GO
Not an expert of C# but you would handle the output parameters in C# something like....
不是C#的专家,但你会在C#中处理输出参数....
// define connection and command, in using blocks to ensure disposal
using(SqlConnection conn = new SqlConnection(pvConnectionString ))
using(SqlCommand cmd = new SqlCommand("dbo.spLogin", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
// set up the input parameters
cmd.Parameters.Add("@ClientUsername", SqlDbType.VarChar, 20);
cmd.Parameters.Add("@ClientPassword", SqlDbType.Int);
cmd.Parameters.Add("@Security", SqlDbType.VarChar, 10).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@ClientFirstName", SqlDbType.VarChar, 20).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@Success", SqlDbType.Int).Direction = ParameterDirection.Output;
// set parameter values
cmd.Parameters["@ClientUsername"].Value = UserNamTextbox.Text;
// open connection and execute stored procedure
conn.Open();
cmd.ExecuteNonQuery();
// read output value from @Security
int Security = Convert.ToInt32(cmd.Parameters["@Security"].Value);
if Security == 1 ....... and so on.......
conn.Close();
}
#2
0
so I am not 100% sure how much of the C# you have on your end but here is the basics:
所以我不是100%确定你有多少C#,但这里是基础知识:
Use the code in this SO question to get your data from SQL Server: Fill DataTable from SQL Server database
使用此SO问题中的代码从SQL Server获取数据:从SQL Server数据库填充DataTable
Then once you have your datatable you can loop through it with a for loop like so (assuming you defined your Datatable as 'dt'):
然后,一旦你有了数据表,就可以使用for循环遍历它(假设你将Datatable定义为'dt'):
foreach (DataRow row in dt.Rows)
{
//do what you need with your data.
var value = row["ColumnName"];
Console.WriteLine(value.ToString());
}
Hope that helps.
希望有所帮助。
#3
0
The result your store procedure only return one row, you can check if column exists in datatable :
您的存储过程只返回一行的结果,您可以检查数据表中是否存在列:
if (dt.columns.Contains("Security"))
{
....
}else{
// Show error in fist row, fist column
return dt.Rows[0][0].ToString();
}
#4
0
You can execute the storedprocedure and fill the result into dataset.
您可以执行storedprocedure并将结果填充到数据集中。
Each select statement will be stored as a datatable and you can access using the index to access corresponding table.
每个select语句都将存储为数据表,您可以使用索引访问相应的表。
#1
4
I would write this procedure a bit differently something like this.....
我会写这个程序有点像这样......
create procedure spLogin
@ClientUsername varchar(20)
,@ClientPassword int
,@Security VARCHAR(10) OUTPUT
,@ClientFirstName varchar(20) OUTPUT
,@ValidLogin INT OUTPUT
AS
BEGIN
SET NOCOUNT ON;
IF EXISTS (SELECT * FROM tbClients
WHERE ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword)
BEGIN
SELECT @ValidLogin = 1
,@Security = CASE WHEN ClientSecurity = 1
THEN 'Admin' ELSE 'Customer' END
,@ClientFirstName = ClientFirstName
FROM tbClients
WHERE ClientUsername = @ClientUsername
AND ClientPassword = @ClientPassword
END
ELSE
BEGIN
SET @ValidLogin = 0;
END
END
GO
Not an expert of C# but you would handle the output parameters in C# something like....
不是C#的专家,但你会在C#中处理输出参数....
// define connection and command, in using blocks to ensure disposal
using(SqlConnection conn = new SqlConnection(pvConnectionString ))
using(SqlCommand cmd = new SqlCommand("dbo.spLogin", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
// set up the input parameters
cmd.Parameters.Add("@ClientUsername", SqlDbType.VarChar, 20);
cmd.Parameters.Add("@ClientPassword", SqlDbType.Int);
cmd.Parameters.Add("@Security", SqlDbType.VarChar, 10).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@ClientFirstName", SqlDbType.VarChar, 20).Direction = ParameterDirection.Output;
cmd.Parameters.Add("@Success", SqlDbType.Int).Direction = ParameterDirection.Output;
// set parameter values
cmd.Parameters["@ClientUsername"].Value = UserNamTextbox.Text;
// open connection and execute stored procedure
conn.Open();
cmd.ExecuteNonQuery();
// read output value from @Security
int Security = Convert.ToInt32(cmd.Parameters["@Security"].Value);
if Security == 1 ....... and so on.......
conn.Close();
}
#2
0
so I am not 100% sure how much of the C# you have on your end but here is the basics:
所以我不是100%确定你有多少C#,但这里是基础知识:
Use the code in this SO question to get your data from SQL Server: Fill DataTable from SQL Server database
使用此SO问题中的代码从SQL Server获取数据:从SQL Server数据库填充DataTable
Then once you have your datatable you can loop through it with a for loop like so (assuming you defined your Datatable as 'dt'):
然后,一旦你有了数据表,就可以使用for循环遍历它(假设你将Datatable定义为'dt'):
foreach (DataRow row in dt.Rows)
{
//do what you need with your data.
var value = row["ColumnName"];
Console.WriteLine(value.ToString());
}
Hope that helps.
希望有所帮助。
#3
0
The result your store procedure only return one row, you can check if column exists in datatable :
您的存储过程只返回一行的结果,您可以检查数据表中是否存在列:
if (dt.columns.Contains("Security"))
{
....
}else{
// Show error in fist row, fist column
return dt.Rows[0][0].ToString();
}
#4
0
You can execute the storedprocedure and fill the result into dataset.
您可以执行storedprocedure并将结果填充到数据集中。
Each select statement will be stored as a datatable and you can access using the index to access corresponding table.
每个select语句都将存储为数据表,您可以使用索引访问相应的表。