Implementing ASP user authentication with SQL Server stored procedures

server|sqlserver| stored procedures in our user authentication program, it is easy to use ASP to call the SQL statements to retrieve the data table is a qualified record, and then use ASP for related processing.

All Roads Pass Rome! Of course, we can also use SQL Server database stored procedures to easily implement this functionality. Although relatively complex, but the improvement of its efficiency is very obvious, because the stored procedure is in the database has been compiled a good program, we need to use the ASP to use the various parameters of the correct transmission.
　　
This article is also mainly to pass a simple example, to tell you how to call the stored procedures with parameters in ASP. I hope you can get more inspiration from it.

The first step is to establish the data table UserInfo
ID int (4) NOT NULL,
FullName varchar (m) NOT NULL,
Password varchar is not NULL,
Nikename varchar (m) NOT NULL

The second step is to establish a stored procedure Usercheck
CREATE procedure Usercheck
@infullname varchar (50),
@inpassword varchar (50),
@outcheck char (3) OUTPUT
As
if exists (SELECT * from UserInfo where fullname= @infullname and password= @inpassword)
Select @outcheck = ' Yes '
Else
Select @outcheck = ' No '

Note: This establishes a stored procedure with three parameters, the first parameter @infullname, this is an input parameter, (username), the second parameter @inpassword, is also an input parameter, (the password), the third parameter @outcheck, this is an output parameter, (whether this user exists), the word "output" must be added after the data type when defining an export parameter.
　　
We then take the top two input parameters to retrieve the existence of a qualified user in the SQL statement, or "no" if there is a value for the output parameter.

　　
Step three, write ASP program, call stored procedure

<%
' Form submission Flag
If request ("OK") =1 then

' Establish a database connection
Set comm=server.createobject ("Adodb.command")
Comm.activeconnection= "Dsn=localserver; Uid=sa; pwd=;D Atabase=chaiwei "

' Establishes a stored procedure connection with the Comm object, 4 represents the connection type as a stored procedure
comm.commandtext= "Usercheck"
Comm.commandtype=4

' The parameter method to establish the Comm object with the name P1. Appends the first parameter fullname to the P1 collection
' The name of the first parameter of the FullName call
' 200 parameter type varchar type
' 1 parameter flow input, input to 1, output to 2
' 50 The length of the parameter 50
' Request (' fullname ') assign the starting value of the parameter

Set p1=comm.createparameter ("FullName", 200,1,50,request ("FullName"))
Comm.Parameters.Append P1


' The parameter method to establish the Comm object with the name P1. Appends the second parameter password to the P1 collection
' Specific ditto

Set p1=comm.createparameter ("Password", 200,1,20,request ("password"))
Comm.Parameters.Append P1


' The parameter method to establish the Comm object with the name P1. Append the third parameter check to the P1 collection
' 129 parameter Type Char
' 2 parameter flow to output
' 3 parameter length 3
Set p1=comm.createparameter ("Check", 129,2,3)
Comm.Parameters.Append P1


' Run the stored procedure
Comm.execute


' Bring out the results and deal with them
If Comm ("check") = "yes" then
Response.Write "Welcome into the system!" User name: "& Comm (" FullName ") &" Password: "& Comm (" Password ")
Else
Response.Write "Sorry, you have not registered!" "
End If

' Release connection
Set comm=nothing
Else

' Form part
%>