ALTER PROCEDURE [dbo].[auth]
-- Add the parameters for the stored procedure here
(
-- removed "output" from below ... your c# page
-- should still have these values when you get back
-- just guessed on 100 dimension
@user varchar(100),
@password varchar(100)
)
AS
-- The following variables are not being used, nor will they need to
be.
-- DECLARE @id int, @pos varchar
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
-- Insert statements for procedure here
SELECT PersonID, Rank, Position, Supervisor FROM PERSON
WHERE UserName = @user AND Password = @password;
--SELECT 'testing';
SET NOCOUNT OFF; -- I recommend turning back off, but up to your
designs.
END
And without sharing my sqlArray library at this time (which uses
datareader to
place the data into a jagged array ... because I used to love getRows,
and like
closing that db connection asap) ... I leave you with the following
link
for using SqlDataReader. I will have a personal site someday I hope.
http://articles.sitepoint.com/article/dataset-datareader
Throw a counter in the datareader loop start it above the loop at 0
and then make it =1 in the loop ... if 0 the login failed.
If your counter is 1 then login successful.
if (myCount == 1) //success
{
// set the sessionID["user"] or cookie to PersonID
// not sure what you are using rank, position, and supervisor for in
app
}
else // login failed
{
// redirect to failed login page
}
