Click here to Skip to main content
15,867,488 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
GO /****** Object: StoredProcedure [dbo].[spEX_LoginUser]
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[spEX_LoginUser]
(
@loginname varchar(50),
@password varchar(50)
)
AS
BEGIN
IF EXISTS(SELECT LoginName, [Password] FROM EX_Candidate WHERE LoginName=@loginname AND [Password]=@password AND Appeared=0)
BEGIN
SELECT 1 AS Status,@loginname as LoginName,'Login Successful' AS ReturnMessage
END
else
BEGIN
SELECT 0 AS Status,@loginname as LoginName,'User doesnot exists' as ReturnMessage
END

END
Posted
Updated 22-Nov-15 23:24pm
v2
Comments
[no name] 23-Nov-15 5:11am    
Why you want to return @loginname? You already have @loginname which you passing while calling this procedure. Use that.

1 solution

First, why return a value that you pass in? The code that uses it already knows it...or it couldn't pass it to you.
Second, never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900