存储过程判断用户登录信息

create proc checkadmin
(
@username varchar(50),
@userpwd varchar(50)

)
as
declare @flag int
declare @pass varchar(50)
select @pass=userpwd from admin_login where username=@username
if @@rowcount=0
set @flag=0
else
   if @pass=@userpwd
set @flag=1
   else
set @flag=2
go

SqlConnection myconn = db.openconn();
             try
             {
                 myconn.Open();
                 SqlCommand mycom = new SqlCommand("checkadmin", myconn);
                 mycom.CommandType = CommandType.StoredProcedure;
                 SqlParameter sp = new SqlParameter("@username", SqlDbType.VarChar);
                 sp.Value = username.Text;
                 mycom.Parameters.Add(sp);
                 sp = new SqlParameter("@userpwd", SqlDbType.VarChar);
                 sp.Value = userope.encrypt(userpwd.Text);
                 mycom.Parameters.Add(sp);
                 sp = new SqlParameter("@flag", SqlDbType.Int);
                 sp.Direction = ParameterDirection.Output;
                 mycom.Parameters.Add(sp);
                 mycom.ExecuteNonQuery();
                 if (mycom.Parameters["@flag"].Value.ToString() == "0")
                 {
                     userope.mess("用户名不存在!", "admin_login.aspx");
                 }
                 else if (mycom.Parameters["@flag"].Value.ToString() == "1")
                 {
                     Response.Redirect("add_admin.aspx");
                 }
                 else
                 {
                     userope.mess("密码有错!", "admin_login.aspx");
                 }
             }
             finally
             {

本文来自CSDN博客，转载请标明出处：http://blog.csdn.net/zhouyongyang/archive/2009/10/31/4751755.aspx