CREATE procedure procUserAuthorized
	@strUserID varchar(100), 
	@password varchar(100)
as

declare @CryptPassword as varchar(100),
	@UserID as int

select @UserID = intEmployeeID
from EmployeeInfo
where vcUserName = @strUserID

if @@rowcount <> 1
begin
	select 'ERROR: Invalid Username or Password!'
	return
end


select @password = ltrim(rtrim(@password)), @strUserID = ltrim(rtrim(@strUserID))

EXEC  procCryptPassword @strUserID, @password, @strCrypt = @CryptPassword OUTPUT

if exists (SELECT * FROM EmployeeAuthentication
	WHERE intEmployeeID = @UserID 
		AND vcPassword  = @CryptPassword)

	SELECT 'User Authorized', intEmployeeID, intPermissions
	FROM EmployeeAuthentication 
	WHERE intEmployeeID = @UserID 
		AND vcPassword  = @CryptPassword
else
	select 'ERROR: Invalid Username or Password!'