sqlµÄ´æ´¢¹ý³ÌºÍaspÔõôµ÷ÓÃsqlµÄ´æ´¢¹ý³Ì

ÎÒ´ÓÍøÉÏÕÒÁ˺ܶ඼²»ÐÐ,Ï£ÍûÅóÓѸøÒ»¸ö,aspµÇ½µÄ´æ´¢¹ý³Ì,ºÍÓÃaspµ÷ÓÃÕâ¸ö´æ´¢¹ý³ÌµÄ´úÂë,лл!!

---

ÄãÃÇasp½Ì³ÌÀïûÓйØÓÚÔõôµ÷Óô洢¹ý³ÌµÄÀý×ÓÂð£¿

---

SQL code:
Create PROCEDURE User_Login
@username varchar(50),
@password varchar(50),
@userreturn BIT OUTPUT
AS
DECLARE @strPwd NVARCHAR(20)
select @strPwd=***_pass_word from fs_mf_*** where ***_name=@username
IF @password=@strPwd
SET @userreturn=1
ELSE
SET @userreturn=0
GO

---

ÒýÓÃ

ÎÒ´ÓÍøÉÏÕÒÁ˺ܶ඼²»ÐÐ,Ï£ÍûÅóÓѸøÒ»¸ö,aspµÇ½µÄ´æ´¢¹ý³Ì,ºÍÓÃaspµ÷ÓÃÕâ¸ö´æ´¢¹ý³ÌµÄ´úÂë,лл!!

·ÇSQLÄÚÈÝ,È¥ASP°æÎÊ.

---

C# code:
string UserName = txtUserName.Text.ToString();
string PassWord = txtPassWord.Text.ToString();
PassWord = FormsAuthentication.HashPasswordForStoringInConfigFile(PassWord, "md5").ToLower().Substring(8, 16);
SqlParameter[] par = new SqlParameter[3];
par[0] = new SqlParameter("@username", SqlDbType.VarChar, 50);
par[0].Value = UserName;
par[1] = new SqlParameter("@password",SqlDbType.VarChar,50);
par[1].Value = PassWord;
par[2] = new SqlParameter("@userreturn", SqlDbType.Int, 4)