USE [CCR]
GO
/****** Object: StoredProcedure [dbo].[uspAddUser] Script Date: 3/27/2020 4:04:23 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[uspAddUser]
@pLogin NVARCHAR(50),
@pPassword NVARCHAR(50),
@pFirstName NVARCHAR(40) = NULL,
@pLastName NVARCHAR(40) = NULL,
@responseMessage NVARCHAR(250) OUTPUT
AS
BEGIN
SET NOCOUNT ON
DECLARE @salt UNIQUEIDENTIFIER=NEWID()
BEGIN TRY
INSERT INTO dbo.[CCR_User] (LoginName, PasswordHash, Salt, FirstName, LastName)
VALUES(@pLogin, HASHBYTES('SHA2_512', @pPassword+CAST(@salt AS NVARCHAR(36))), @salt, @pFirstName, @pLastName)
SET @responseMessage='Success'
END TRY
BEGIN CATCH
SET @responseMessage=ERROR_MESSAGE()
END CATCH
END
USE [CCR]
GO
/****** Object: StoredProcedure [dbo].[uspLogin] Script Date: 3/27/2020 4:04:57 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[uspLogin]
@pLoginName NVARCHAR(254),
@pPassword NVARCHAR(50),
@responseMessage NVARCHAR(250)='' OUTPUT
AS
BEGIN
SET NOCOUNT ON
DECLARE @userID INT
IF EXISTS (SELECT TOP 1 UserID FROM [dbo].[CCR_User] WHERE LoginName=@pLoginName)
BEGIN
SET @userID=(SELECT UserID FROM [dbo].[CCR_User] WHERE LoginName=@pLoginName AND PasswordHash=HASHBYTES('SHA2_512', @pPassword+CAST(Salt AS NVARCHAR(36))))
IF(@userID IS NULL)
SET @responseMessage='0' --'Incorrect password'
ELSE
SET @responseMessage='1'--'User successfully logged in'
END
ELSE
SET @responseMessage='0'--'Invalid login'
END
USE [CCR]
GO
/****** Object: UserDefinedFunction [dbo].[uspLoginFun] Script Date: 3/27/2020 4:07:38 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER FUNCTION [dbo].[uspLoginFun]
(
@pLoginName NVARCHAR(254),
@pPassword NVARCHAR(50)
)
RETURNS nvarchar(1)
AS
BEGIN
--SET NOCOUNT ON
DECLARE @userID INT,
@responseMessage NVARCHAR(1)
IF EXISTS (SELECT TOP 1 UserID FROM [dbo].[CCR_User] WHERE LoginName=@pLoginName)
BEGIN
SET @userID=(SELECT UserID FROM [dbo].[CCR_User] WHERE LoginName=@pLoginName AND PasswordHash=HASHBYTES('SHA2_512', @pPassword+CAST(Salt AS NVARCHAR(36))))
IF(@userID IS NULL)
--SET @responseMessage='0' --'Incorrect password'
RETURN '0'
ELSE
--SET @responseMessage='1'--'User successfully logged in'
RETURN '1'
END
ELSE
--SET @responseMessage='0'--'Invalid login'
RETURN '0'
RETURN '0'
END
--RETURN '0'
USE [CCR]
GO
/****** Object: StoredProcedure [dbo].[uspUpdateUser] Script Date: 3/27/2020 4:05:17 AM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[uspUpdateUser]
@pLogin NVARCHAR(50),
@pPassword NVARCHAR(50)
AS
BEGIN
SET NOCOUNT ON
DECLARE @salt UNIQUEIDENTIFIER=NEWID()
--BEGIN TRY
UPDATE dbo.[CCR_User] SET PasswordHash= HASHBYTES('SHA2_512', @pPassword+CAST(@salt AS NVARCHAR(36))),Salt=@salt
WHERE LoginName=@pLogin
UPDATE [CCR].[dbo].[CCR_UserBase] SET ChangeNext = 0, dtLastModified = GETDATE() WHERE [Login]=@pLogin
--INSERT INTO dbo.[CCR_User] (LoginName, PasswordHash, Salt, FirstName, LastName)
--VALUES(@pLogin, HASHBYTES('SHA2_512', @pPassword+CAST(@salt AS NVARCHAR(36))), @salt, @pFirstName, @pLastName)
--SET @responseMessage='Success'
--END TRY
--BEGIN CATCH
-- SET @responseMessage=ERROR_MESSAGE()
-- END CATCH
END
--exec [dbo].[uspUpdateUser] @pLogin='richjlemmermann',@pPassword='new'
https://www.mssqltips.com/sqlservertip/4037/storing-passwords-in-a-secure-way-in-a-sql-server-database/
USE [VisualCactus]
GO
/****** Object: UserDefinedFunction [dbo].[ProperCaseSimple] Script Date: 3/24/2020 12:27:51 PM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
create function [dbo].[ProperCaseSimple](@Text as varchar(8000))
returns varchar(8000)
as
begin
declare @Reset bit;
declare @Ret varchar(8000);
declare @i int;
declare @c char(1);
select @Reset = 1, @i=1, @Ret = '';
while (@i <= len(@Text))
select @c= substring(@Text,@i,1),
@Ret = @Ret + case when @Reset=1 then UPPER(@c) else LOWER(@c) end,
@Reset = case when @c like '[a-zA-Z]' then 0 else 1 end,
@i = @i +1
return @Ret
end
GO