带传入参数与输出参数及返回值的存储过程在使用时的注意事项总结:
1.传入参数的参数名需与存储过程中定义的参数名一直,且区分大小写
3.输出参数需指定其参数类型(Direction)为传入参数类型(output)
4.输出参数需指定输出参数长度(size)
5.输出参数的参数名需与存储过程中定义的参数名一直,且区分大小写
6.返回值参数需指定其参数类型(Direction)为返回值参数类型(ReturnValue)
7.返回值参数不需指定返回值参数名以及长度
8.在存储过程中返回值参数为int型
protected void Button3_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(txbName.Text))
{
if (!string.IsNullOrEmpty(txbPwd.Text))
{
string name = txbName.Text;
string pwd = txbPwd.Text;
SqlParameter p_username = new SqlParameter();
p_username.Value = name;
p_username.DbType = System.Data.DbType.String;
p_username.ParameterName = "@username";
SqlParameter p_userpassword = new SqlParameter();
p_userpassword.Value = pwd;
p_userpassword.DbType = System.Data.DbType.String;
p_userpassword.ParameterName = "@userpassword";
SqlParameter p_isallow = new SqlParameter();
p_isallow.Value = false;
p_isallow.DbType = System.Data.DbType.Boolean;
p_isallow.ParameterName = "@isallow";
ExecutePrucedure("ADDStudentByInput", p_username, p_userpassword, p_isallow);
}
else
{
Response.Write("<script>alert('请输入密码')</script>");
}
}
else
{
Response.Write("<script>alert('请输入用户名')</script>");
}
}
protected void btn_Login_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(txbName.Text))
{
if (!string.IsNullOrEmpty(txbPwd.Text))
{
string name = txbName.Text;
string pwd = txbPwd.Text;
SqlParameter p_username = new SqlParameter();
p_username.Value = name;
p_username.DbType = System.Data.DbType.String;
p_username.ParameterName = "@name";
p_username.Direction = ParameterDirection.Input;
SqlParameter p_userpassword = new SqlParameter() { Value = pwd, ParameterName = "@pwd", DbType = DbType.String, Direction = ParameterDirection.Input };
SqlParameter p_isallow = new SqlParameter();
p_isallow.DbType = System.Data.DbType.String;
p_isallow.ParameterName = "@result";
p_isallow.Size = 50;
p_isallow.Direction = ParameterDirection.Output;
SqlParameter p_result = new SqlParameter() { DbType = DbType.String, Direction = ParameterDirection.ReturnValue };
SqlCommand cmd = ExecutePrucedure("UserLogin", p_username, p_userpassword, p_isallow, p_result);
Response.Write("<script>alert('" + cmd.Parameters[2].Value.ToString() + "')</script>");
Response.Write("<script>alert('" + cmd.Parameters[3].Value.ToString() + "')</script>");
}
else
{
Response.Write("<script>alert('请输入密码')</script>");
}
}
else
{
Response.Write("<script>alert('请输入用户名')</script>");
}
}
public SqlCommand ExecutePrucedure(string Proc, params SqlParameter[] Parameter)
{
string strConn = ConfigurationManager.ConnectionStrings["conn"].ConnectionString;
SqlConnection conn = new SqlConnection(strConn);
conn.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandText = Proc;
cmd.Connection = conn;
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.AddRange(Parameter);
cmd.ExecuteNonQuery();
conn.Close();
GridView1.DataBind();
return cmd;
}
存储过程
CREATE procedure ADDStudentByInput
@username nvarchar(20),
@userpassword nvarchar(20),
@isallow bit
AS
BEGIN
INSERT INTO UserInfo VALUES(@username,@userpassword,@isallow)
END
GO
USE [UserManage]
GO
执行存储过程
USE [UserManage]
GO
DECLARE @return_value int,
@result nvarchar(50)
EXEC @return_value = [dbo].[UserLogin]
@name = N'存储过程',
@pwd = N'123',
@result = @result OUTPUT
SELECT @result as N'@result'
SELECT 'Return Value' = @return_value
GO
创建存储过程
--CREATE PROC UserLogin
ALTER PROC UserLogin
@name nvarchar(20), --传入参数
@pwd nvarchar(20),
@result nvarchar(50) out--输出参数
AS
DECLARE
@UserName nvarchar(20),--变量声明
@UserPwd nvarchar(20),
@Count int,
@IsAllow BIT
BEGIN
--获取用户名
SELECT @Count= COUNT(1) FROM UserInfo WHERE UserName = @name
IF(@Count = 0 OR @Count IS NULL)
BEGIN
SET @result = '用户名不存在!';
END
ELSE IF(@Count = 1)
BEGIN
SELECT @UserPwd = UserPassword,@IsAllow = IsAllow FROM UserInfo WHERE UserName = @name
IF( @UserPwd = @pwd)
BEGIN
IF(@IsAllow = 1)
BEGIN
SET @result = '登陆成功!';
END
ELSE
BEGIN
SET @result = '没有权限登陆系统!';
END
END
ELSE
BEGIN
SET @result = '密码错误!';
END
END
ELSE
BEGIN
SET @result = '用户名不唯一';
END
return 1--返回值
END
GO