create procedure LogInUser @username nvarchar(64), @password nvarchar(64

1. create procedure LogInUser
2. @username nvarchar(64),
3. @password nvarchar(64),
4. @succeed bit out,
5. @not_exist_err bit out
6. as
7. declare @exist_user nvarchar(64)
8. select @exist_user = username from users
9. where username = @username
10.  
11. if @exist_user is null
12. begin
13. set @succeed = 0
14. set @not_exist_err = 1
15. return
16. end
17. else
18. begin
19. select * from users
20. where username = @username and password = @password
21. end
22. return
23.  
24. select @exist_user = username from users
25. where username = @username
26.  
27. select * from users
28. where username = @username and password = @password
29.  
30. declare @succeedResult bit
31. declare @existErr bit
32. exec LogInUser @username=admin, @password =admin, @succeed = @succeedResult, @not_exist_err = @existErr
33.  
34. public User LogIn(User usr)
35. {
36. SqlConnection conn = A2.Controller.Utils.conn;
37. SqlCommand loginCmd = new SqlCommand("LogInUser", conn);
38. loginCmd.CommandType = CommandType.StoredProcedure;
39.  
40. User result = new User();
41.  
42. try
43. {
44. conn.Open();
45. loginCmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = usr.Username;
46. loginCmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = usr.Password;
47. loginCmd.Parameters.Add("@succeed", SqlDbType.Bit).Direction = ParameterDirection.Output;
48. loginCmd.Parameters.Add("@not_exist_err", SqlDbType.Bit).Direction = ParameterDirection.Output;
49. SqlDataReader dr = loginCmd.ExecuteReader();
50.  
51. if (loginCmd.Parameters["@succeed"].Value != DBNull.Value){
52. Console.WriteLine("User does not exist");
53. SqlParameter notExistErr = loginCmd.Parameters["@not_exist_err"];
54.  
55. if (notExistErr.Value != DBNull.Value){
56. throw new NotExistException("The username or password is incorrect.", "Users");
57. }
58. }
59.  
60. while (dr.Read()) {
61. Console.WriteLine("Looping dr");
62. result.Username = (string) dr["username"];
63. result.Password = (string) dr["password"];
64. result.FirstName = (string) dr["first_name"];
65. result.MiddleName = (string) dr["middle_name"];
66. result.LastName = (string) dr["last_name"];
67. result.ManagerID = (int) dr["manager_id"];
68. result.IsAdmin = (int) dr["is_admin"];
69.  
70. return result;
71. }
72. Console.WriteLine("Done reading");
73. }
74. finally {
75. if (conn.State == ConnectionState.Open) conn.Close();
76. }
77. return result;
78. }
79.  
80. SqlDataReader dr = loginCmd.ExecuteReader();
81. if (loginCmd.Parameters["@succeed"].Value != DBNull.Value){
82.  
83. SqlDataReader dr = loginCmd.ExecuteReader();
84. if (!dr.HasRows)
85. {
86. Console.WriteLine("User does not exist");
87. SqlParameter notExistErr = loginCmd.Parameters["@not_exist_err"];
88. if (notExistErr.Value != DBNull.Value)
89. {
90. throw new NotExistException("The username or password is incorrect.", "Users");
91. }
92. }
93. else
94. {
95. while (dr.Read())
96. {
97. Console.WriteLine("Looping dr");
98. result.Username = (string) dr["@username"];
99. result.Password = (string) dr["@password"];
100. result.FirstName = (string) dr["@first_name"];
101. result.MiddleName = (string) dr["@middle_name"];
102. result.LastName = (string) dr["@last_name"];
103. result.ManagerID = (int) dr["@manager_id"];
104. result.IsAdmin = (int) dr["@is_admin"];
105. return result;
106. }
107. }
108.  
109. declare @succeedResult bit
110. declare @existErr bit
111. exec LogInUser @username=N'admin', @password =N'admin', @succeed = @succeedResult, @not_exist_err = @existErr