0

i write the procedure for login in this user can give username or emailid for the login. this is my code.... please check is there any change is required for this

ALTER procedure [dbo].[users_login] (@username varchar(50),@password varchar(50),
  @emailid varchar(50),@ret int output)
as
  begin
       select username,password,emailid from users where( username=@username or
        emailid=@emailid) and [password]=@password
       if(@@rowcount >0)
          begin
                set @ret=1
          end
       else
           begin
               set @ret=0
            end
  end

Edited by __avd: Added [code] tags. Encase your code in: [code] and [/code] tags.

2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by padtes
1

I wouldn't rely on @@rowCount. Plus, logic for user login / email looks "liberal", one can enter valid login and invalid email. My preferred logic would be:

ALTER procedure [dbo].[users_login] (@username varchar(50),@password varchar(50),
@emailid varchar(50),@ret int output)
as
begin

set @ret=0
if @emailid <> '' or @username <> ''
begin
  select @ret=1, username,password,emailid from users 
   where ( ( username=@username and @username <> '' )or 
 ( emailid= @emailid and @emailid <> '')) and [password]=@password
end

end

Please close thread once you get good enough help.

Votes + Comments
Good suggestion.
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.