1![]()
ALTER PROCEDURE dbo.aspnet_Membership_UpdateUserInfo
2![]()
@ApplicationName NVARCHAR(256),
3![]()
@UserName NVARCHAR(256),
4![]()
@IsPasswordCorrect BIT,
5![]()
@UpdateLastLoginActivityDate BIT,
6![]()
@MaxInvalidPasswordAttempts INT,
7![]()
@PasswordAttemptWindow INT,
8![]()
@TimeZoneAdjustment INT
9![]()
AS
10![]()
BEGIN
11![]()
DECLARE @UserId UNIQUEIDENTIFIER
12![]()
DECLARE @IsApproved BIT
13![]()
DECLARE @IsLockedOut BIT
14![]()
DECLARE @LastLockoutDate DATETIME
15![]()
DECLARE @FailedPasswordAttemptCount INT
16![]()
DECLARE @FailedPasswordAttemptWindowStart DATETIME
17![]()
DECLARE @FailedPasswordAnswerAttemptCount INT
18![]()
DECLARE @FailedPasswordAnswerAttemptWindowStart DATETIME
19![]()
/*声明关于密码的一堆变量*/
20![]()
21![]()
22![]()
DECLARE @ErrorCode INT
23![]()
SET @ErrorCode = 0
24![]()
25![]()
DECLARE @TranStarted BIT
26![]()
SET @TranStarted = 0
27![]()
28![]()
IF( @@TRANCOUNT = 0 ) --如果当前活动事务为0,开始事务并设置事务参数为1
29![]()
BEGIN
30![]()
BEGIN TRANSACTION
31![]()
SET @TranStarted = 1
32![]()
END
33![]()
ELSE
34![]()
SET @TranStarted = 0
35![]()
36![]()
DECLARE @DateTimeNowUTC DATETIME --声明当前时间并获取当前时间
37![]()
EXEC dbo.aspnet_GetUtcDate @TimeZoneAdjustment, @DateTimeNowUTC OUTPUT
38![]()
39![]()
40![]()
SELECT @UserId = u.UserId,
41![]()
@IsApproved = m.IsApproved,
42![]()
@IsLockedOut = m.IsLockedOut,
43![]()
@LastLockoutDate = m.LastLockoutDate,
44![]()
@FailedPasswordAttemptCount = m.FailedPasswordAttemptCount,
45![]()
@FailedPasswordAttemptWindowStart = m.FailedPasswordAttemptWindowStart,
46![]()
@FailedPasswordAnswerAttemptCount = m.FailedPasswordAnswerAttemptCount,
47![]()
@FailedPasswordAnswerAttemptWindowStart = m.FailedPasswordAnswerAttemptWindowStart
48![]()
FROM dbo.aspnet_Applications a, dbo.aspnet_Users u, dbo.aspnet_Membership m WITH ( UPDLOCK )
49![]()
WHERE LOWER(@ApplicationName) = a.LoweredApplicationName AND
50![]()
u.ApplicationId = a.ApplicationId AND
51![]()
u.UserId = m.UserId AND
52![]()
LOWER(@UserName) = u.LoweredUserName
53![]()
/*查询此用户的信息,字段都是上面声明的有关于密码的变量*/
54![]()
55![]()
IF ( @@rowcount = 0 ) --如果受影响行数为0,回滚事物并返回错误代码
56![]()
BEGIN
57![]()
SET @ErrorCode = 1
58![]()
GOTO Cleanup
59![]()
END
60![]()
61![]()
IF( @IsLockedOut = 1 ) --如果用户被锁定,也回滚,不允许操作
62![]()
BEGIN
63![]()
GOTO Cleanup
64![]()
END
65![]()
66![]()
IF( @IsPasswordCorrect = 0 ) --如果密码不正确
67![]()
BEGIN
68![]()
IF( @DateTimeNowUTC > DATEADD( minute, @PasswordAttemptWindow, @FailedPasswordAttemptWindowStart ) )
69![]()
BEGIN
70![]()
SET @FailedPasswordAttemptWindowStart = @DateTimeNowUTC
71![]()
SET @FailedPasswordAttemptCount = 1
72![]()
END
73![]()
ELSE
74![]()
BEGIN
75![]()
SET @FailedPasswordAttemptWindowStart = @DateTimeNowUTC
76![]()
SET @FailedPasswordAttemptCount = @FailedPasswordAttemptCount + 1
77![]()
END
78![]()
79![]()
BEGIN
80![]()
IF( @FailedPasswordAttemptCount >= @MaxInvalidPasswordAttempts )
81![]()
BEGIN
82![]()
SET @IsLockedOut = 1
83![]()
SET @LastLockoutDate = @DateTimeNowUTC
84![]()
END
85![]()
END
86![]()
END
87![]()
/*处理密码相关的问题*/
88![]()
ELSE
89![]()
BEGIN
90![]()
IF( @UpdateLastLoginActivityDate = 1 ) --如果更新最近登陆和活跃时间
91![]()
BEGIN
92![]()
UPDATE dbo.aspnet_Membership
93![]()
SET LastLoginDate = @DateTimeNowUTC
94![]()
WHERE UserId = @UserId
95![]()
--更新最近登陆时间
96![]()
97![]()
IF( @@ERROR <> 0 )
98![]()
BEGIN
99![]()
SET @ErrorCode = -1
100![]()
GOTO Cleanup
101![]()
END
102![]()
103![]()
UPDATE dbo.aspnet_Users
104![]()
SET LastActivityDate = @DateTimeNowUTC
105![]()
WHERE @UserId = UserId
106![]()
--更新最近活跃时间
107![]()
IF( @@ERROR <> 0 )
108![]()
BEGIN
109![]()
SET @ErrorCode = -1
110![]()
GOTO Cleanup
111![]()
END
112![]()
END
113![]()
114![]()
IF( @FailedPasswordAttemptCount > 0 OR @FailedPasswordAnswerAttemptCount > 0 )
115![]()
----如果密码尝试次数或者答案尝试次数大于0(此时输入正确,则全部还原处世状态)
116![]()
BEGIN
117![]()
SET @FailedPasswordAttemptCount = 0
118![]()
SET @FailedPasswordAttemptWindowStart = CONVERT( DATETIME, '17540101', 112 )
119![]()
SET @FailedPasswordAnswerAttemptCount = 0
120![]()
SET @FailedPasswordAnswerAttemptWindowStart = CONVERT( DATETIME, '17540101', 112 )
121![]()
SET @LastLockoutDate = CONVERT( DATETIME, '17540101', 112 )
122![]()
END
123![]()
END
124![]()
125![]()
UPDATE dbo.aspnet_Membership
126![]()
SET IsLockedOut = @IsLockedOut, LastLockoutDate = @LastLockoutDate,
127![]()
FailedPasswordAttemptCount = @FailedPasswordAttemptCount,
128![]()
FailedPasswordAttemptWindowStart = @FailedPasswordAttemptWindowStart,
129![]()
FailedPasswordAnswerAttemptCount = @FailedPasswordAnswerAttemptCount,
130![]()
FailedPasswordAnswerAttemptWindowStart = @FailedPasswordAnswerAttemptWindowStart
131![]()
WHERE @UserId = UserId
132![]()
---使用上面的参数更新表
133![]()
IF( @@ERROR <> 0 )
134![]()
BEGIN
135![]()
SET @ErrorCode = -1
136![]()
GOTO Cleanup
137![]()
END
138![]()
139![]()
IF( @TranStarted = 1 )
140![]()
BEGIN
141![]()
SET @TranStarted = 0
142![]()
COMMIT TRANSACTION
143![]()
END
144![]()
145![]()
RETURN @ErrorCode
146![]()
147![]()
Cleanup:
148![]()
149![]()
IF( @TranStarted = 1 )
150![]()
BEGIN
151![]()
SET @TranStarted = 0
152![]()
ROLLBACK TRANSACTION
153![]()
END
154![]()
155![]()
RETURN @ErrorCode
156![]()
157![]()
END
ALTER PROCEDURE dbo.aspnet_Membership_UpdateUserInfo2
@ApplicationName NVARCHAR(256),3
@UserName NVARCHAR(256),4
@IsPasswordCorrect BIT,5
@UpdateLastLoginActivityDate BIT,6
@MaxInvalidPasswordAttempts INT,7
@PasswordAttemptWindow INT,8
@TimeZoneAdjustment INT9
AS10
BEGIN11
DECLARE @UserId UNIQUEIDENTIFIER12
DECLARE @IsApproved BIT13
DECLARE @IsLockedOut BIT14
DECLARE @LastLockoutDate DATETIME15
DECLARE @FailedPasswordAttemptCount INT16
DECLARE @FailedPasswordAttemptWindowStart DATETIME17
DECLARE @FailedPasswordAnswerAttemptCount INT18
DECLARE @FailedPasswordAnswerAttemptWindowStart DATETIME19
/*声明关于密码的一堆变量*/ 
20
21
22
DECLARE @ErrorCode INT23
SET @ErrorCode = 024
25
DECLARE @TranStarted BIT26
SET @TranStarted = 027
28
IF( @@TRANCOUNT = 0 ) --如果当前活动事务为0,开始事务并设置事务参数为129
BEGIN30
BEGIN TRANSACTION31
SET @TranStarted = 132
END33
ELSE34
SET @TranStarted = 035
36
DECLARE @DateTimeNowUTC DATETIME --声明当前时间并获取当前时间 37
EXEC dbo.aspnet_GetUtcDate @TimeZoneAdjustment, @DateTimeNowUTC OUTPUT38
39
40
SELECT @UserId = u.UserId,41
@IsApproved = m.IsApproved,42
@IsLockedOut = m.IsLockedOut,43
@LastLockoutDate = m.LastLockoutDate,44
@FailedPasswordAttemptCount = m.FailedPasswordAttemptCount,45
@FailedPasswordAttemptWindowStart = m.FailedPasswordAttemptWindowStart,46
@FailedPasswordAnswerAttemptCount = m.FailedPasswordAnswerAttemptCount,47
@FailedPasswordAnswerAttemptWindowStart = m.FailedPasswordAnswerAttemptWindowStart48
FROM dbo.aspnet_Applications a, dbo.aspnet_Users u, dbo.aspnet_Membership m WITH ( UPDLOCK )49
WHERE LOWER(@ApplicationName) = a.LoweredApplicationName AND50
u.ApplicationId = a.ApplicationId AND51
u.UserId = m.UserId AND52
LOWER(@UserName) = u.LoweredUserName53
/*查询此用户的信息,字段都是上面声明的有关于密码的变量*/54
55
IF ( @@rowcount = 0 ) --如果受影响行数为0,回滚事物并返回错误代码56
BEGIN57
SET @ErrorCode = 158
GOTO Cleanup59
END60
61
IF( @IsLockedOut = 1 ) --如果用户被锁定,也回滚,不允许操作62
BEGIN63
GOTO Cleanup64
END65
66
IF( @IsPasswordCorrect = 0 ) --如果密码不正确67
BEGIN68
IF( @DateTimeNowUTC > DATEADD( minute, @PasswordAttemptWindow, @FailedPasswordAttemptWindowStart ) )69
BEGIN70
SET @FailedPasswordAttemptWindowStart = @DateTimeNowUTC71
SET @FailedPasswordAttemptCount = 172
END73
ELSE74
BEGIN75
SET @FailedPasswordAttemptWindowStart = @DateTimeNowUTC76
SET @FailedPasswordAttemptCount = @FailedPasswordAttemptCount + 177
END78
79
BEGIN80
IF( @FailedPasswordAttemptCount >= @MaxInvalidPasswordAttempts )81
BEGIN82
SET @IsLockedOut = 183
SET @LastLockoutDate = @DateTimeNowUTC84
END85
END86
END87
/*处理密码相关的问题*/88
ELSE89
BEGIN90
IF( @UpdateLastLoginActivityDate = 1 ) --如果更新最近登陆和活跃时间91
BEGIN92
UPDATE dbo.aspnet_Membership93
SET LastLoginDate = @DateTimeNowUTC94
WHERE UserId = @UserId95
--更新最近登陆时间96
97
IF( @@ERROR <> 0 )98
BEGIN99
SET @ErrorCode = -1100
GOTO Cleanup101
END102
103
UPDATE dbo.aspnet_Users104
SET LastActivityDate = @DateTimeNowUTC105
WHERE @UserId = UserId106
--更新最近活跃时间107
IF( @@ERROR <> 0 )108
BEGIN109
SET @ErrorCode = -1110
GOTO Cleanup111
END112
END113
114
IF( @FailedPasswordAttemptCount > 0 OR @FailedPasswordAnswerAttemptCount > 0 )115
----如果密码尝试次数或者答案尝试次数大于0(此时输入正确,则全部还原处世状态)116
BEGIN117
SET @FailedPasswordAttemptCount = 0118
SET @FailedPasswordAttemptWindowStart = CONVERT( DATETIME, '17540101', 112 )119
SET @FailedPasswordAnswerAttemptCount = 0120
SET @FailedPasswordAnswerAttemptWindowStart = CONVERT( DATETIME, '17540101', 112 )121
SET @LastLockoutDate = CONVERT( DATETIME, '17540101', 112 )122
END123
END124
125
UPDATE dbo.aspnet_Membership126
SET IsLockedOut = @IsLockedOut, LastLockoutDate = @LastLockoutDate,127
FailedPasswordAttemptCount = @FailedPasswordAttemptCount,128
FailedPasswordAttemptWindowStart = @FailedPasswordAttemptWindowStart,129
FailedPasswordAnswerAttemptCount = @FailedPasswordAnswerAttemptCount,130
FailedPasswordAnswerAttemptWindowStart = @FailedPasswordAnswerAttemptWindowStart131
WHERE @UserId = UserId132
---使用上面的参数更新表133
IF( @@ERROR <> 0 )134
BEGIN135
SET @ErrorCode = -1136
GOTO Cleanup137
END138
139
IF( @TranStarted = 1 )140
BEGIN141
SET @TranStarted = 0142
COMMIT TRANSACTION143
END144
145
RETURN @ErrorCode146
147
Cleanup:148
149
IF( @TranStarted = 1 )150
BEGIN151
SET @TranStarted = 0152
ROLLBACK TRANSACTION153
END154
155
RETURN @ErrorCode156
157
END
浙公网安备 33010602011771号