带有返回值的存储过程

Question

I have a stored procedure that goes like this:

ALTER PROCEDURE [dbo].[AuthenticateUser]    
    @AzUserName varchar(20),
    @Hash varchar(32),
    @UserId bigint output,
    @Authorized bit output
    ...

and runs just fine fine in Management Studio. Here's my C# code:

SqlConnection scon = new SqlConnection(connectionString);
SqlCommand authCmd = new SqlCommand("AuthenticateUser", scon);
authCmd.CommandType = System.Data.CommandType.StoredProcedure;

SqlParameter userNameParam = authCmd.Parameters.Add("@AzUserName", System.Data.SqlDbType.VarChar, 20);
                        userNameParam.Value = username;
string hashed = Md5Hash.ComputeHash(username);

SqlParameter hashedParam = authCmd.Parameters.Add("@Hash", System.Data.SqlDbType.VarChar, 32);
hashedParam.Value = hashed;

SqlParameter userIdParam = authCmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
userIdParam.Direction = System.Data.ParameterDirection.ReturnValue;

SqlParameter authorizedParam = authCmd.Parameters.Add("@Authorized", System.Data.SqlDbType.Bit);
authorizedParam.Direction = System.Data.ParameterDirection.ReturnValue;

scon.Open();
authCmd.ExecuteNonQuery();
scon.Close();

When I run it I am getting the following error:

{"Procedure or function 'AuthenticateUser' expects parameter '@UserId', which was not supplied."}   System.Exception {System.Data.SqlClient.SqlException}

When I replace ParameterDirection.ReturnValue with ParameterDirection.Output I am not getting the error but never get the value of the procedure.

UPDATE: Thank you All for your help. The error was more trivial than you would have thought and I described in the question. I have been changing back and forth ReturnValue to Output for quite a while today with no result. Then I had to post my question on SO just to realize that I am taking the hash value of ... username..Going outdoor to get some oxygen now.

Answer 1

You will have to use ParameterDirection.Output on every parameter, that has been marked with output in T-SQL. You can access the values, after the call to

authCmd.ExecuteNonQuery();

by getting the values of the parametes like this:

authCmd.Parametes["@UserId"].Value

Answer 2

You're confusing the concepts of OUTPUT and RETURN values.

A RETURN value from a stored procedure is a single integer value per stored procedure that is defined within your proc by using the RETURN statement eg

RETURN 1  

A stored procedure can have zero to many parameters of which zero to many can be defined as OUTPUT.

In your case you're not showing any use of the RETURN statement but you are using OUTPUT parameters. In SQL Server these are more like input/output parameters and you need to provide a value.

You can access the resulting value of an OUTPUT parameter by looking at the parameters collection after calling the stored procedure and look at the value eg

authCmd.Parameters[2].Value

Or

userIdParam.Value

As per other answers, you need to use the output parameter direction to achieve this

Answer 3

You can access the values of authorizedParam.Value and userIdParam.Value after executing the command.

SqlConnection scon = new SqlConnection(connectionString);
SqlCommand authCmd = new SqlCommand("AuthenticateUser", scon);
authCmd.CommandType = System.Data.CommandType.StoredProcedure;

SqlParameter userNameParam = authCmd.Parameters.Add("@AzUserName", System.Data.SqlDbType.VarChar, 20);
                        userNameParam.Value = username;
string hashed = Zonal.Pie.Core.Common.Utils.Md5Hash.ComputeHash(username);

SqlParameter hashedParam = authCmd.Parameters.Add("@Hash", System.Data.SqlDbType.VarChar, 32);
hashedParam.Value = hashed;

SqlParameter userIdParam = authCmd.Parameters.Add("@UserId", System.Data.SqlDbType.Int);
userIdParam.Direction = System.Data.ParameterDirection.Output;

SqlParameter authorizedParam = authCmd.Parameters.Add("@Authorized", System.Data.SqlDbType.Bit);
authorizedParam.Direction = System.Data.ParameterDirection.Output;

scon.Open();
authCmd.ExecuteNonQuery();
//Access authorizedParam.Value and userIdParam.Value here
scon.Close();