1. 首页
  2. 问答
  3. 当pwdencrypt被用于登录时从哪里开始?

当pwdencrypt被用于登录时从哪里开始?

2016-10-10 43 views
6

我想通过我的程序在我们的数据库上登录,但是当我做我得到无效凭证,所以我不知道从哪里开始希望任何人都可以帮助我,因为我没有与pwdencryp和pwdcompare之前和我一起工作我不知道该怎么做才能得到它的工作当pwdencrypt被用于登录时从哪里开始?

我的代码:

 protected String doInBackground(String... params) { 
      if (userid.trim().equals("Developer")|| password.trim().equals("Dev!n_234")) 
       isSuccess2=true; 
      z = getString(R.string.login_succes); 
      if(userid.trim().equals("")|| password.trim().equals("")) 
       z = getString(R.string.indsæt_rigtigt_bruger); 
      else 
      { 
       try { 
        Connection con = connectionClass.CONN(); 
        if (con == null) { 
         z = getString(R.string.Forbindelses_fejl)+"L1)"; 

        } else { 
         CallableStatement cs = null; 
         String query = "{call [system].[usp_validateUserLogin] (?,?,?,?,?)}"; 
         Statement stmt = con.createStatement(); 
         ResultSet rs = stmt.executeQuery(query); 
         CallableStatement ps = con.prepareCall(query); 
         ps.setString(1, userid); 
         ps.setString(2, password); 
         ps.setInt(3,72); 
         ps.setNull(4, Types.BOOLEAN); 
         ps.registerOutParameter(5, Types.VARCHAR); 
         cs.executeUpdate(); 
         if(rs.next()) 
         { 

          z = getString(R.string.login_succes); 

          isSuccess=true; 
         } 
         else 
         { 
          z = getString(R.string.Invalid_Credentials); 
          isSuccess = false; 
         } 

        } 
       } 
       catch (Exception ex) 
       { 
        isSuccess = false; 
        z = getString(R.string.Exceptions)+"L2)"; 
        Log.e("MYAPP", "exception", ex); 
       } 
      } 
      return z; 

     } 
    } 


}

} 程序

ALTER PROCEDURE [system].[usp_validateUserLogin] 
    @p_Login NVARCHAR (50) 
    , @p_Password NVARCHAR (32) 
    , @p_CompanyID INT 
    , @p_OutDetails BIT = 1 
    , @p_AuthenticationTicket VARCHAR(200) OUTPUT 
AS 
BEGIN 
    SET NOCOUNT ON; 

    DECLARE @errNo INT 
     , @recCount INT 
     , @res INT 

    SELECT u.* 
     INTO #tmpLogin 
    FROM system.[User] AS u WITH (NOLOCK) 
    WHERE (u.Login = @p_Login) 
     AND (u.Company_ID = @p_CompanyID) 
     AND (pwdcompare (@p_Password, u.Passwd) = 1) 
     AND (u.Status = 0) --Active 

    SELECT @errNo = @@ERROR 
     , @recCount = @@ROWCOUNT 

    IF (@errNo <> 0) 
    BEGIN 
     RETURN 1010 
    END 

    IF (@recCount = 1) 
    BEGIN 
     DECLARE @userID INT 
     SELECT @userID = ID 
     FROM #tmpLogin 

     EXEC @res = system.usp_renewAuthenticationTicket @p_DoerTicket = '' 
                 , @p_AuthenticationTicket = @p_AuthenticationTicket OUTPUT 
                 , @p_UserID = @userID 
                 , @p_CompanyID = @p_CompanyID 
     IF (@res <> 0) 
      RETURN @res 

    END 
    --SET @p_AuthenticationTicket = 'TESTAUTHENTICATIONTICKET' 

    IF (@p_OutDetails = 1) 
    BEGIN 
     SELECT * 
     FROM #tmpLogin 
    END 

    RETURN 0 
END

output

,这里是为用户程序注册

ALTER PROCEDURE [system].[usp_iudUser] 
    @p_ID INT = NULL OUTPUT 
    , @p_Login NVARCHAR (50) = NULL 
    , @p_Password NVARCHAR (32) = NULL 
    , @p_FullName NVARCHAR (100) = NULL 
    --, @p_LastName NVARCHAR (50) = NULL 
    , @p_EMail NVARCHAR (200) = NULL 
    , @p_Status TINYINT = NULL 
    , @p_Roles VARCHAR (200) = NULL 
    , @p_DoerTicket VARCHAR (200) 
AS 
BEGIN 
    SET NOCOUNT ON; 

    DECLARE @doerUserID INT 
      , @doerCompanyID INT 
    EXEC system.usp_validateAuthenticationTicket @p_Ticket = @p_DoerTicket 
               , @p_UserID = @doerUserID OUTPUT 
               , @p_CompanyID = @doerCompanyID OUTPUT 


    MERGE INTO system.[User] AS target 
    USING (SELECT @p_ID 
       , @doerCompanyID 
       , @p_Login 
       , @p_Password 
       , @p_FullName 
       , @p_Roles 
       , @p_Status 
       /*, @p_FirstName 
       , @p_LastName*/ 
       , @p_EMail) AS source (ID 
             , CompanyID 
             , Login 
             , Password 
             , FullName 
             , Roles 
             , Status 
             /*, FirstName 
             , LastName*/ 
             , EMail) 
    ON (target.ID = source.ID) 
     AND (target.Company_ID = source.CompanyID) 
    WHEN MATCHED THEN 
     UPDATE SET 
      target.Login = CASE WHEN source.Status = 200 THEN target.Login + '_' + CAST (source.ID AS VARCHAR (10)) ELSE target.Login END --Login can not be changed 
      , target.Passwd = ISNULL (pwdencrypt (source.Password), target.Passwd) 
      , target.FullName = ISNULL (source.FullName, target.FullName) 
      --, target.LastName = ISNULL (source.LastName, target.LastName) 
      , target.EMail = ISNULL (source.EMail, target.EMail) 
      , target.Roles = ISNULL (source.Roles, target.Roles) 
      , target.Status = ISNULL (source.Status, target.Status) 
    WHEN NOT MATCHED BY TARGET AND source.ID IS NULL THEN 
     INSERT (Company_ID 
       , Login 
       , Passwd 
       , FullName 
       , Roles 
       , Status 
       /*, FirstName 
       , LastName*/ 
       , EMail) 
      VALUES (source.CompanyID 
        , source.Login 
        , pwdencrypt (source.Password) 
        , source.FullName 
        , NULLIF (RTRIM (source.Roles), '') 
        , ISNULL (source.Status, 0) 
        /*, source.FirstName 
        , source.LastName*/ 
        , NULLIF (source.EMail, '')); 

    IF (@@ROWCOUNT <> 1) 
    BEGIN 
     RETURN 1010 
    END 

    IF (@p_Id IS NULL) 
     SET @p_Id = SCOPE_IDENTITY () 

    RETURN 0  
END

来源

2016-10-10 omini data

回答

3

在proc [usp_validateUserLogin]使用参数@p_OutDetails,以确定是否将数据返回到调用者和您使用的事实,呼叫者记录已经返回,以确定该过程是否成功。

ps.setString(4, null);将[usp_validateUserLogin]中的参数@p_OutDetails的值设置为null。这与完全不提供参数不同,因为SQL Server将使用值NULL而不是默认值。如果没有提供参数,那么它将使用默认值(1)。另外,期望的参数类型是BIT,因此它应该使用类似ps.SetBoolean的值来将BIT参数的值设置为显式值1(或true)。

作为一个例子来说明使用默认值与供给NULL值:

CREATE PROCEDURE TestProc 
    @MyString VARCHAR(10) = 'string' 

AS 
BEGIN 
    SET NOCOUNT ON 
    SELECT @MyString AS Param, ISNULL(@MyString, 'Was Null') AS ItsValue 
END 
GO 


EXEC TestProc null 
EXEC TestProc 'A Value' 
EXEC TestProc --no params at all

运行此PROC返回该3种类型的EXEC以下。

Param,ItsValue 
NULL,Was Null 

Param,ItsValue 
A Value,A Value 

Param,ItsValue 
string,string

您的代码,因此在执行第一种方法时,它执行以下命令行,@p_OutDetails包含NULL,它会跳过此位。

IF (@p_OutDetails = 1) 
BEGIN 
    SELECT * 
    FROM #tmpLogin 
END

来源

2016-10-13 18:24:50

+0

如果我在PARAM 4用“1”,则我得到一个意外的参数标记在38位置并且那,p_AuthenticationTicket = p_AuthenticationTicket OUTPUT –

+0

参数类型是一个位,因此尝试的值没有引号。 –

+0

我不能使用没有qoutes的值,所以我尝试了一个String.valueOf(测试))这是一个整数,但多数民众赞成在相同 –

相关问题

 相关问题