1. 首頁
  2. 問答
  3. 當pwdencrypt被用於登錄時從哪裏開始?

當pwdencrypt被用於登錄時從哪裏開始?

2016-10-10 44 views
6

我想通過我的程序在我們的數據庫上登錄,但是當我做我得到無效憑證,所以我不知道從哪裏開始希望任何人都可以幫助我,因爲我沒有與pwdencryp和pwdcompare之前和我一起工作我不知道該怎麼做才能得到它的工作當pwdencrypt被用於登錄時從哪裏開始?

我的代碼:

 protected String doInBackground(String... params) { 
      if (userid.trim().equals("Developer")|| password.trim().equals("Dev!n_234")) 
       isSuccess2=true; 
      z = getString(R.string.login_succes); 
      if(userid.trim().equals("")|| password.trim().equals("")) 
       z = getString(R.string.indsæt_rigtigt_bruger); 
      else 
      { 
       try { 
        Connection con = connectionClass.CONN(); 
        if (con == null) { 
         z = getString(R.string.Forbindelses_fejl)+"L1)"; 

        } else { 
         CallableStatement cs = null; 
         String query = "{call [system].[usp_validateUserLogin] (?,?,?,?,?)}"; 
         Statement stmt = con.createStatement(); 
         ResultSet rs = stmt.executeQuery(query); 
         CallableStatement ps = con.prepareCall(query); 
         ps.setString(1, userid); 
         ps.setString(2, password); 
         ps.setInt(3,72); 
         ps.setNull(4, Types.BOOLEAN); 
         ps.registerOutParameter(5, Types.VARCHAR); 
         cs.executeUpdate(); 
         if(rs.next()) 
         { 

          z = getString(R.string.login_succes); 

          isSuccess=true; 
         } 
         else 
         { 
          z = getString(R.string.Invalid_Credentials); 
          isSuccess = false; 
         } 

        } 
       } 
       catch (Exception ex) 
       { 
        isSuccess = false; 
        z = getString(R.string.Exceptions)+"L2)"; 
        Log.e("MYAPP", "exception", ex); 
       } 
      } 
      return z; 

     } 
    } 


}

} 程序

ALTER PROCEDURE [system].[usp_validateUserLogin] 
    @p_Login NVARCHAR (50) 
    , @p_Password NVARCHAR (32) 
    , @p_CompanyID INT 
    , @p_OutDetails BIT = 1 
    , @p_AuthenticationTicket VARCHAR(200) OUTPUT 
AS 
BEGIN 
    SET NOCOUNT ON; 

    DECLARE @errNo INT 
     , @recCount INT 
     , @res INT 

    SELECT u.* 
     INTO #tmpLogin 
    FROM system.[User] AS u WITH (NOLOCK) 
    WHERE (u.Login = @p_Login) 
     AND (u.Company_ID = @p_CompanyID) 
     AND (pwdcompare (@p_Password, u.Passwd) = 1) 
     AND (u.Status = 0) --Active 

    SELECT @errNo = @@ERROR 
     , @recCount = @@ROWCOUNT 

    IF (@errNo <> 0) 
    BEGIN 
     RETURN 1010 
    END 

    IF (@recCount = 1) 
    BEGIN 
     DECLARE @userID INT 
     SELECT @userID = ID 
     FROM #tmpLogin 

     EXEC @res = system.usp_renewAuthenticationTicket @p_DoerTicket = '' 
                 , @p_AuthenticationTicket = @p_AuthenticationTicket OUTPUT 
                 , @p_UserID = @userID 
                 , @p_CompanyID = @p_CompanyID 
     IF (@res <> 0) 
      RETURN @res 

    END 
    --SET @p_AuthenticationTicket = 'TESTAUTHENTICATIONTICKET' 

    IF (@p_OutDetails = 1) 
    BEGIN 
     SELECT * 
     FROM #tmpLogin 
    END 

    RETURN 0 
END

output

,這裏是爲用戶程序註冊

ALTER PROCEDURE [system].[usp_iudUser] 
    @p_ID INT = NULL OUTPUT 
    , @p_Login NVARCHAR (50) = NULL 
    , @p_Password NVARCHAR (32) = NULL 
    , @p_FullName NVARCHAR (100) = NULL 
    --, @p_LastName NVARCHAR (50) = NULL 
    , @p_EMail NVARCHAR (200) = NULL 
    , @p_Status TINYINT = NULL 
    , @p_Roles VARCHAR (200) = NULL 
    , @p_DoerTicket VARCHAR (200) 
AS 
BEGIN 
    SET NOCOUNT ON; 

    DECLARE @doerUserID INT 
      , @doerCompanyID INT 
    EXEC system.usp_validateAuthenticationTicket @p_Ticket = @p_DoerTicket 
               , @p_UserID = @doerUserID OUTPUT 
               , @p_CompanyID = @doerCompanyID OUTPUT 


    MERGE INTO system.[User] AS target 
    USING (SELECT @p_ID 
       , @doerCompanyID 
       , @p_Login 
       , @p_Password 
       , @p_FullName 
       , @p_Roles 
       , @p_Status 
       /*, @p_FirstName 
       , @p_LastName*/ 
       , @p_EMail) AS source (ID 
             , CompanyID 
             , Login 
             , Password 
             , FullName 
             , Roles 
             , Status 
             /*, FirstName 
             , LastName*/ 
             , EMail) 
    ON (target.ID = source.ID) 
     AND (target.Company_ID = source.CompanyID) 
    WHEN MATCHED THEN 
     UPDATE SET 
      target.Login = CASE WHEN source.Status = 200 THEN target.Login + '_' + CAST (source.ID AS VARCHAR (10)) ELSE target.Login END --Login can not be changed 
      , target.Passwd = ISNULL (pwdencrypt (source.Password), target.Passwd) 
      , target.FullName = ISNULL (source.FullName, target.FullName) 
      --, target.LastName = ISNULL (source.LastName, target.LastName) 
      , target.EMail = ISNULL (source.EMail, target.EMail) 
      , target.Roles = ISNULL (source.Roles, target.Roles) 
      , target.Status = ISNULL (source.Status, target.Status) 
    WHEN NOT MATCHED BY TARGET AND source.ID IS NULL THEN 
     INSERT (Company_ID 
       , Login 
       , Passwd 
       , FullName 
       , Roles 
       , Status 
       /*, FirstName 
       , LastName*/ 
       , EMail) 
      VALUES (source.CompanyID 
        , source.Login 
        , pwdencrypt (source.Password) 
        , source.FullName 
        , NULLIF (RTRIM (source.Roles), '') 
        , ISNULL (source.Status, 0) 
        /*, source.FirstName 
        , source.LastName*/ 
        , NULLIF (source.EMail, '')); 

    IF (@@ROWCOUNT <> 1) 
    BEGIN 
     RETURN 1010 
    END 

    IF (@p_Id IS NULL) 
     SET @p_Id = SCOPE_IDENTITY () 

    RETURN 0  
END

來源

2016-10-10 omini data

回答

3

在proc [usp_validateUserLogin]使用參數@p_OutDetails,以確定是否將數據返回到調用者和您使用的事實,呼叫者記錄已經返回,以確定該過程是否成功。

ps.setString(4, null);將[usp_validateUserLogin]中的參數@p_OutDetails的值設置爲null。這與完全不提供參數不同,因爲SQL Server將使用值NULL而不是默認值。如果沒有提供參數,那麼它將使用默認值(1)。另外,期望的參數類型是BIT,因此它應該使用類似ps.SetBoolean的值來將BIT參數的值設置爲顯式值1(或true)。

作爲一個例子來說明使用默認值與供給NULL值:

CREATE PROCEDURE TestProc 
    @MyString VARCHAR(10) = 'string' 

AS 
BEGIN 
    SET NOCOUNT ON 
    SELECT @MyString AS Param, ISNULL(@MyString, 'Was Null') AS ItsValue 
END 
GO 


EXEC TestProc null 
EXEC TestProc 'A Value' 
EXEC TestProc --no params at all

運行此PROC返回該3種類型的EXEC以下。

Param,ItsValue 
NULL,Was Null 

Param,ItsValue 
A Value,A Value 

Param,ItsValue 
string,string

您的代碼,因此在執行第一種方法時,它執行以下命令行,@p_OutDetails包含NULL,它會跳過此位。

IF (@p_OutDetails = 1) 
BEGIN 
    SELECT * 
    FROM #tmpLogin 
END

來源

2016-10-13 18:24:50

+0

如果我在PARAM 4用「1」,則我得到一個意外的參數標記在38位置並且那,p_AuthenticationTicket = p_AuthenticationTicket OUTPUT –

+0

參數類型是一個位,因此嘗試的值沒有引號。 –

+0

我不能使用沒有qoutes的值,所以我嘗試了一個String.valueOf(測試))這是一個整數,但多數民衆贊成在相同 –

相關問題

 相關問題