private Int32 ChkLogin(String pwd,String name,Int32 code) { nsDal.clscon1 con1 = new nsDal.clscon1(); SqlConnection con = con1.GetConnection(); con1.OpenConnection(); SqlCommand cmd = new SqlCommand("Sp_Login",con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("@ppwd", SqlDbType.VarChar, 50).Value = pwd; cmd.Parameters.Add("@pname", SqlDbType.VarChar, 50).Value = name; cmd.Parameters.Add("@pcode", SqlDbType.VarChar, 50).Value = code; SqlParameter t1 = new SqlParameter("@ret",SqlDbType.Int); t1.Direction = ParameterDirection.Output; cmd.Parameters.Add(@t1); cmd.ExecuteNonQuery(); Int32 k = Convert.ToInt32(cmd.Parameters["@ret"].Value); cmd.Dispose(); return k; }
protected void BtnLogin_Click(object sender, EventArgs e) { Label1.Text = DrpCompany.SelectedValue; Int32 d = ChkLogin(TxtUsername.Text, TxtPassword.Text,Convert.ToInt32(DrpCompany.SelectedValue)); if (d == -1 ) { Label1.Text = "Wrong User"; } if (d == -2) { Label1.Text = "Wrong Password"; } }
set ANSI_NULLS ONset QUOTED_IDENTIFIER ONgo
-- =============================================-- Author: <Author,,Name>-- Create date: <Create Date,,>-- Description: <Description,,>-- =============================================ALTER PROCEDURE [dbo].[Sp_Login] -- Add the parameters for the stored procedure here @pname nvarchar(50), @ppwd nvarchar(50), @pccode intASBEGIN declare @ap nvarchar(50) -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON; -- Insert statements for procedure here SELECT @ap = mempwd from tbmem where memnam = @pnameand memorgcod = @pccodeif @ap is null return - 1else if @ap = @pname return 1 else return -2END