-1

我已经用 php 作为服务器语言建立了一个带有 MySQL 后端的网站,现在我将在 asp.net 中建立相同的网站

MySQL 数据库中定义了以下过程:

DELIMITER //
CREATE PROCEDURE Login(
    IN Username VARCHAR(16),
    IN UserPassword VARCHAR(16),
    OUT UID int,
    OUT SL INT,
    OUT SP VARCHAR(8),
    OUT MA BOOL)    -- missing admin entry
BEGIN
    DECLARE adminID INT DEFAULT -1;
    DECLARE lastTimeout DATETIME DEFAULT NULL;
    SET UID = -1;

    SELECT ID, SecurityLevel, LoginTimeout INTO UID, SL, lastTimeout
    FROM User
    WHERE User.UserName = Username and User.Password = UserPassword;

    IF NOW() > lastTimeout OR lastTimeOut IS NULL THEN
        IF lastTimeOut IS NOT NULL THEN
            INSERT INTO UserLog (UserID, Date, Action) VALUES (UID, NOW(), 'TIMEOUT');
        END IF;

        SELECT ID, Password INTO SL, SP
        FROM SecurityLevels
        WHERE ID = SL;

        SELECT UserID INTO adminID
        FROM Admin
        WHERE UserID = UID;

        IF adminID = -1 AND SL = 4 THEN SET MA = TRUE;
        ELSE SET MA = FALSE;
        END IF;

        IF UID != -1 THEN
            INSERT INTO UserLog (UserID, Date, Action) VALUES (UID, NOW(), 'LOGIN');
            UPDATE User SET User.LoginTimeOut = DATE_ADD(NOW(), INTERVAL 1 HOUR) WHERE User.ID = UID;
        END IF;
    ELSE
        SET UID = -1;
    END IF;

END //
DELIMITER ;

我使用的用户是:

CREATE USER 'LOGIN'@'%' IDENTIFIED BY '6Jd8kKi0';
GRANT execute ON procedure b09xxxxx.Login TO 'LOGIN'@'%';

现在,在 php 中我这样做,它就像一个魅力:

$pdo = new PDO('mysql:dbname=b09xxxxx;host=wwwlab.xxx.xxx.se', 'LOGIN', '6Jd8kKi0');
$pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING );

$userID = 0;
$securityLevel = 0;
$securityPassword = "";

//$sql = "SELECT UserName, ID, SecurityLevel FROM User WHERE UserName = '" . $_POST['username'] . "' and Password = '" . $_POST['password'] . "';";
$sql = "CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA);";

$stmt = $pdo->prepare($sql);
$stmt->bindParam(':USERNAME', $_POST['username']);
$stmt->bindParam(':PASSWORD', $_POST['password']);
$stmt->execute();

//$q     = $pdo->query($sql) or die("ERROR:DB");

$sql = "SELECT @UID, @SL, @SP, @MA;";

$q   = $pdo->query($sql) or die("ERROR:DB");

$r = $q->fetch(PDO::FETCH_ASSOC);

但是这个 asp.net (C#) 版本不起作用:

string connectionString = "Server=wwwlab.xxx.xxx.se; Database=b09xxxxx; User ID=LOGIN; Password=6Jd8kKi0; Pooling=false;";
MySqlConnection dbcon = new MySqlConnection(connectionString);
dbcon.Open();

//string query = "CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA);";
//Now changed to this thanks to John Woo
string query = "Login";

MySqlCommand sqlCmd = new MySqlCommand(query, dbcon);
sqlCmd.CommandType = System.Data.CommandType.StoredProcedure;

sqlCmd.Parameters.AddWithValue(":USERNAME", loginUsername.Text);
sqlCmd.Parameters[":USERNAME"].Direction = ParameterDirection.Input;
sqlCmd.Parameters.AddWithValue(":PASSWORD", loginPassword.Text);
sqlCmd.Parameters[":PASSWORD"].Direction = ParameterDirection.Input;

sqlCmd.Parameters.Add(new MySqlParameter("@UID", MySqlDbType.Int64));
sqlCmd.Parameters["@UID"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@SL", MySqlDbType.Int64));
sqlCmd.Parameters["@SL"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@SP", MySqlDbType.String));
sqlCmd.Parameters["@SP"].Direction = ParameterDirection.Output;
sqlCmd.Parameters.Add(new MySqlParameter("@MA", MySqlDbType.Byte));
sqlCmd.Parameters["@MA"].Direction = ParameterDirection.Output;

sqlCmd.ExecuteNonQuery();

MySqlDataAdapter adapter = new MySqlDataAdapter("SELECT @UID, @SL, @SP, @MA;", dbcon);
DataSet ds = new DataSet();
adapter.Fill(ds, "result");

CustomerGrid.DataSource = ds.Tables["result"];
CustomerGrid.DataBind();               

dbcon.Close();http://stackoverflow.com/editing-help

我收到以下错误:

CALL Login(:USERNAME, :PASSWORD, @UID, @SL, @SP, @MA)在数据库“ ”中找不到过程或函数“ b09xxxxx”。

编辑:现在这是新问题:SELECT command denied to user 'LOGIN'@'193.11.99.23' for table 'proc'

4

1 回答 1

1

我认为调用 .Fill 方法时正在生成错误。

更改以下代码;

MySqlDataAdapter adapter = new MySqlDataAdapter("SELECT @UID, @SL, @SP, @MA;", dbcon);
DataSet ds = new DataSet();
adapter.Fill(ds, "result");
CustomerGrid.DataSource = ds.Tables["result"];

和;

DataTable table = new DataTable();
table.Columns.Add("UID", typeof(int));
table.Columns.Add("SL", typeof(int));
table.Columns.Add("SP", typeof(string));
table.Columns.Add("MA", typeof(boolean));

table.Rows.Add(sqlCmd.Parameters["@UID"].Value, sqlCmd.Parameters["@SL"].Value, sqlCmd.Parameters["@SP"].Value, sqlCmd.Parameters["@MA"].Value);
CustomerGrid.DataSource = table
于 2012-11-16T17:57:30.453 回答