sql - Validate password in stored procedure -
i'm having trouble validating account in sql server stored procedure. hashbyte password of user. when wants log in account again hashbyte parameter(@fpassword
) , compare hashbyte password in database. problem keep getting different value.
for example:
declare @fpassword nvarchar(4000) set @fpassword = 'sharingan1' if (convert(nvarchar(4000), hashbytes('sha1', @fpassword), 1)) <> (select fpassword customertable fusername = 'cesark14') begin print 'b' end else print 'c'
i keep getting 'b'
. when replace @fpassword
'sharingan1'
, 'c'
(which want).
does know why
(convert(nvarchar(4000), hashbytes('sha1', @fpassword), 1))
where set @fpassword = 'sharingan1'
different
(convert(nvarchar(4000), hashbytes('sha1', 'sharingan1'), 1))
your variable @fpassword nvarchar. when hardcode string, of type varchar. if put 'n' before string, in "n'sharingan1'", should equivalent, expresses string nvarchar. or make variable of type varchar.
encoding matters.
Comments
Post a Comment