大家帮小弟我看看这个SQL语句如何写啊多谢各位了
日期:2014-05-18 浏览次数:20451 次
大家帮我看看这个SQL语句怎么写啊,谢谢各位了!
CREATE PROCEDURE [dbo].[S_LoginUser]
@U_UserName varchar(50),
@U_PassWord varchar(20),
@UserID int OUTPUT,
@RoleID int OUTPUT
AS
select @UserID=U_ID,@RoleID=UserRoleID from dbo.Users
where U_UserName=@U_UserName and U_PassWord=@U_PassWord
IF @@Rowcount < 1
SELECT @UserID = -1
现在要在string _strSql= "sql语句 "
这个应该怎么写啊?
------解决方案--------------------
string _strSql = "execute S_LoginUser ' "+UserName.ToString()+ " ', ' "+Password.ToString()+ " ', "+UserID.ToString()+ ", "+RoleID.ToString()+ " ";
------解决方案--------------------
StringBuilder sb = new StringBuilder();
sb.Append( "CREATE PROCEDURE [dbo].[S_LoginUser] ");
...
string _strSql = sb.ToString();
------解决方案--------------------
SqlConnection conn = new SqlConnection(strConn);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "select @UserID=U_ID,@RoleID=UserRoleID from dbo.Users where U_UserName=@U_UserName and U_PassWord=@U_PassWord ";
cmd.Parameters.Add(new SqlParameter( "@UserID ", SqlDbType.Int)).Direction = ParameterDirection.Output;
cmd.Parameters.Add(new SqlParameter( "@RoleID ", SqlDbType.Int)).Direction = ParameterDirection.Output;
cmd.Parameters.Add(new SqlParameter( "@U_UserName ", SqlDbType.VarChar, 50)).Value = "用户名的值 ";
cmd.Parameters.Add(new SqlParameter( "@U_PassWord ", SqlDbType.VarChar, 20)).Value = "密码的值 ";
try
{
conn.Open();
cmd.ExecuteNonQuery();
Response.Write( "companyName: " + cmd.Parameters[ "@UserID "].Value.ToString() + " <br> ");
Response.Write( "contactName: " + cmd.Parameters[ "@RoleID "].Value.ToString() + " <br> ");
}
catch
{
}
finally
{
conn.Close();
}
CREATE PROCEDURE [dbo].[S_LoginUser]
@U_UserName varchar(50),
@U_PassWord varchar(20),
@UserID int OUTPUT,
@RoleID int OUTPUT
AS
select @UserID=U_ID,@RoleID=UserRoleID from dbo.Users
where U_UserName=@U_UserName and U_PassWord=@U_PassWord
IF @@Rowcount < 1
SELECT @UserID = -1
现在要在string _strSql= "sql语句 "
这个应该怎么写啊?
------解决方案--------------------
string _strSql = "execute S_LoginUser ' "+UserName.ToString()+ " ', ' "+Password.ToString()+ " ', "+UserID.ToString()+ ", "+RoleID.ToString()+ " ";
------解决方案--------------------
StringBuilder sb = new StringBuilder();
sb.Append( "CREATE PROCEDURE [dbo].[S_LoginUser] ");
...
string _strSql = sb.ToString();
------解决方案--------------------
SqlConnection conn = new SqlConnection(strConn);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "select @UserID=U_ID,@RoleID=UserRoleID from dbo.Users where U_UserName=@U_UserName and U_PassWord=@U_PassWord ";
cmd.Parameters.Add(new SqlParameter( "@UserID ", SqlDbType.Int)).Direction = ParameterDirection.Output;
cmd.Parameters.Add(new SqlParameter( "@RoleID ", SqlDbType.Int)).Direction = ParameterDirection.Output;
cmd.Parameters.Add(new SqlParameter( "@U_UserName ", SqlDbType.VarChar, 50)).Value = "用户名的值 ";
cmd.Parameters.Add(new SqlParameter( "@U_PassWord ", SqlDbType.VarChar, 20)).Value = "密码的值 ";
try
{
conn.Open();
cmd.ExecuteNonQuery();
Response.Write( "companyName: " + cmd.Parameters[ "@UserID "].Value.ToString() + " <br> ");
Response.Write( "contactName: " + cmd.Parameters[ "@RoleID "].Value.ToString() + " <br> ");
}
catch
{
}
finally
{
conn.Close();
}
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
