I need to create a SQL Server stored procedure that does the following:
- Take a database user name and password as parameters.
- If the user does not exist or the password is invalid, return an empty rowset.
- Else, perform a query and return its result.
I don’t know how to perform step 2. Any ideas?
There are two routes to go with this:
1) Query the SQL Server tables directly to find a match. You’ll probably have to go through a view, instead of accessing the table directly. Maybe, select * from Sys.sql_logins
Need to find a way to hash the password, to compare against the hashed version, in Sys.sql_logins.password_hash
As of SQL Server 2008, they added the function PWDCOMPARE(). That’s clearly the way MS intended for this to be solved.
So, in 2008, I would think you’d query it as
select * from Sys.sql_logins where name = 'login' and PWDCOMPARE('password', Sys.sql_logins.password_hash) = 1
Oddly enough, I just tried this on SQL 2005, and the function seems to exist.
2) Attempt a connection to the SQL server via a call to OPENDATASOURCE() and test for failure. MSDN page for OPENDATASOURCE() is at: http://msdn.microsoft.com/en-us/library/aa276845(v=sql.80).aspx
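
The PWDCOMPARE() route from the first option, written as the stored procedure the question asks for. This is an added example, not code from the original thread; dbo.usp_GetOrdersForLogin and dbo.Orders (with its columns) are hypothetical stand-ins for the real procedure name and query.

```sql
-- Added example. dbo.usp_GetOrdersForLogin, dbo.Orders and its columns are
-- hypothetical; replace them with the real procedure name and query.
CREATE PROCEDURE dbo.usp_GetOrdersForLogin
    @login    sysname,
    @password nvarchar(128)
AS
BEGIN
    SET NOCOUNT ON;

    DECLARE @ok bit;
    SET @ok = 0;

    -- The login name and password are compared as parameter values only;
    -- nothing is concatenated into dynamic SQL, so quotes in either value
    -- cannot change the statement.
    IF EXISTS (
        SELECT 1
        FROM sys.sql_logins AS l
        WHERE l.name = @login
          AND l.is_disabled = 0      -- treat a disabled login as invalid
          AND PWDCOMPARE(@password, l.password_hash) = 1
    )
        SET @ok = 1;

    -- A single SELECT serves both outcomes, so the caller always receives
    -- the same column list. An unknown login and a wrong password both
    -- yield zero rows and cannot be told apart from the result.
    SELECT o.OrderId, o.CustomerName, o.OrderDate
    FROM dbo.Orders AS o
    WHERE @ok = 1;
END;
```

Reading password_hash in sys.sql_logins requires CONTROL SERVER permission, so the procedure only validates correctly when it executes with that permission; callers need nothing beyond EXECUTE on the procedure itself.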