如何在storedprocedure中使用if条件?

yqlxgs2m  于 2021-06-15  发布在  Mysql
关注(0)|答案(0)|浏览(231)

我正在使用一个条件锁定登录帐户后,用错误的密码尝试了固定的次数。更新部分如下:
首先从登录帐户读取LoginAttents(int(1))

DECLARE LoginAttempts   INT(1);
UPDATE login SET 
LOGIN_ACCOUNT_STATUS = (SELECT CASE (LoginAttempts > MaxLoginAttempts) WHEN 1 THEN 'LOCKED' ELSE 'ACTIVE' END),
LOGIN_LOGIN_ATTEMPTS = (SELECT CASE (@USER_FOUND AND @PASSWORD_CORRECT) WHEN 1 THEN 0 ELSE LOGIN_LOGIN_ATTEMPTS + 1 END),
LOGIN_LAST_LOGIN_DATE = (SELECT CASE (@USER_FOUND AND @PASSWORD_CORRECT) WHEN 1 THEN TransactionDateTime ELSE LOGIN_LAST_LOGIN_DATE END),
LOGIN_LAST_LOGIN_LOCATION = null 
WHERE LOGIN_EMAIL = UserEmail;

当我将maxLoginAttmps设置为5时,帐户被锁定为11(大于maxLoginAttents的两倍)。如果我将maxLoginAttmps设置为2,则帐户将被锁定为5(大于maxLoginAttents的两倍)。
为什么会这样?感谢您的帮助。
这里我添加了完整的存储过程。

CREATE DEFINER=`pubuducg`@`%` PROCEDURE `CustomerAuthenticate`(IN UserEmail VARCHAR(100), IN PassWD VARCHAR(40), IN AccStatus VARCHAR(100),IN TransactionDateTime DATETIME, IN MaxLoginAttempts INT(1))
BEGIN
DECLARE LoginUserID     INT(11);
DECLARE LoginEmail      VARCHAR(50);
DECLARE LoginPassword   TINYTEXT;
DECLARE LoginAttempts   INT(1);
DECLARE AccountStatus   VARCHAR(45);
DECLARE UserRoles       VARCHAR(80);
SELECT 
login.LOGIN_USER_ID,
login.LOGIN_EMAIL,
login.LOGIN_PASSWORD,
login.LOGIN_ACCOUNT_STATUS,
login.LOGIN_LOGIN_ATTEMPTS,
GROUP_CONCAT(user_role.USER_ROLE_ROLE SEPARATOR ',') AS ROLES
INTO
LoginUserID,
LoginEmail,
LoginPassword,
AccountStatus,
LoginAttempts,
UserRoles
FROM login 
INNER JOIN user_role ON 
user_role.USER_ROLE_USER_ID = login.LOGIN_USER_ID AND user_role.USER_ROLE_STATUS = AccStatus 
WHERE login.LOGIN_EMAIL = UserEmail;

SET @USER_FOUND = found_rows();
SET @PASSWORD_CORRECT = IF((LoginPassword = PassWD AND AccountStatus = AccStatus), true, false);

UPDATE login SET 
LOGIN_ACCOUNT_STATUS = (SELECT CASE (LoginAttempts > MaxLoginAttempts) WHEN 1 THEN 'LOCKED' ELSE 'ACTIVE' END),
LOGIN_LOGIN_ATTEMPTS = (SELECT CASE (@USER_FOUND AND @PASSWORD_CORRECT) WHEN 1 THEN 0 ELSE LOGIN_LOGIN_ATTEMPTS + 1 END),
LOGIN_LAST_LOGIN_DATE = (SELECT CASE (@USER_FOUND AND @PASSWORD_CORRECT) WHEN 1 THEN TransactionDateTime ELSE LOGIN_LAST_LOGIN_DATE END),
LOGIN_LAST_LOGIN_LOCATION = null 
WHERE LOGIN_EMAIL = UserEmail;

SELECT 
IF(@USER_FOUND AND @PASSWORD_CORRECT, LoginUserID,0) AS USER_ID,
@PASSWORD_CORRECT AS AUTHENTICATED,
@USER_FOUND AS USER_EXISTS,
AccountStatus AS ACCOUNT_STATUS,
IF(@USER_FOUND AND @PASSWORD_CORRECT, 0, LoginAttempts + 1) AS LOGIN_ATTEMPTS,
IF(@USER_FOUND AND @PASSWORD_CORRECT, UserRoles,null) AS USER_ROLES;
END

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题