开发者

Store such characters in SQL Server 2008 R2

I'm storing encrypted passwords in the database, It worked perfect so far on MachineA. Now that I moved to MachineB it seems like the results gets corrupted in the table.

For example: ù9qÆæ\2 Ý-³Å¼]ó will change to ?9q??\2 ?-³?¼]? in the table.

That's the query I use:

ALTER PROC [Employees].[pRegister开发者_如何学JAVA](@UserName NVARCHAR(50),@Password VARCHAR(150))

AS
BEGIN

DECLARE @Id UNIQUEIDENTIFIER
SET @Id = NEWID()

SET @password = HashBytes('MD5', @password + CONVERT(VARCHAR(50),@Id))

SELECT @Password

INSERT INTO Employees.Registry (Id,[Name],[Password]) VALUES (@Id, @UserName,@Password) 

END
  • Collation: SQL_Latin1_General_CP1_CI_AS
  • ProductVersion: 10.50.1600.1

Thanks


You are mixing 2 datatypes:

  • password need to be nvarchar to support non-Western European characters
  • literals need N prefix

Demo:

DECLARE @pwdgood nvarchar(150), @pwdbad varchar(150)
SET @pwdgood = N'ù9qÆæ\2 Ý-³Å¼]ó'
SET @pwdbad = N'?9q??\2 ?-³?¼]?'
SELECT @pwdgood, @pwdbad
  • HashBytes gives varbinary(8000) so you need this in the table

Note: I'd also consider salting the stored password with something other than ID column for that row


If you want to store such characters, you need to:

  • use NVARCHAR as the datatype for your columns and parameters (@Password isn't NVARCHAR and the CAST you're using to assign the password in the database table isn't using NVARCHAR either, in your sample ...)
  • use the N'....' syntax for indicating Unicode string literals

With those two in place, you should absolutely be able to store and retrieve any valid Unicode character

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜