CREATE PROCEDURE is_login
(
@ID char(10),
@Password char(10)
)
AS
declare @count int
select count(1) from Admin where A_id=@ID and A_password=@Password
if(@count>0) select @count
GO
======exec is_login @ID='admin',@Password='admin' =====
============修改
ALTER procedure [dbo].[proc_UpdateSysUserInfo]
(
@username varchar(50),
@Oldpass varchar(50),
@newpass varchar(50),
@name varchar(50)
)
as
begin
declare @count int
select @count=count(*) from SyUsers where loginname=@username and loginpwd=@Oldpass
if(@count=1)
update SyUsers set loginpwd=@newpass,name=@name where loginname=@username
else
select -1
end
public static int UpdatePass(string loginname,string oldpass,string newpass,string name)
{
string sql = string.Format("exec proc_UpdateSysUserInfo '{0}','{1}','{2}','{3}'",loginname,oldpass,newpass,name);
sqlHandler sh = new sqlHandler();
return sh.ExecuteNonQuery(sql) ;
}
public int ExecuteNonQuery(string sql)
{
try
{
this._conn = new SqlConnection(ConfigurationSettings.AppSettings["con"]);
_conn.Open();
this._cmd = new SqlCommand(sql,_conn);
int efect = _cmd.ExecuteNonQuery();
return efect ;
}
catch
{
return 0;
}
finally
{
_conn.Close();
}
}
=========
create procedure [dbo].[proc_login]
(
@uid varchar(20),
@password varchar(20)
)
as
begin
declare @count int
declare @name varchar(20)
select @count=Count(*) from syusers where loginname=@uid and loginpwd=@password
if(@count>0)
begin
select @name=name from syusers where loginname=@uid
select @name
end
else
select -1
end
public DataTable GetData(string sql)
{
try
{
this._conn = new SqlConnection(ConfigurationSettings.AppSettings["con"]);
this._da = new SqlDataAdapter(sql, _conn);
DataTable dt = new DataTable();
_da.Fill(dt);
return dt;
}
catch
{
return null;
}
}
public static string Login(string uid, string pass)
{
string sql = string.Format("exec proc_login '{0}','{1}' ",uid,pass);
sqlHandler sh = new sqlHandler();
DataTable dt = sh.GetData(sql);
if (dt != null)
{
return dt.Rows[0][0].ToString();
}
else
{
return null;
}
}