zoukankan      html  css  js  c++  java

  • 数据库连接字符串

    一:可以直接编写:

    无验证:

    string connectionString = "data source = (local); database = TEMP; integrated security = true";

    使用验证:

    Data Source = myServerAddress;Initial Catalog = myDataBase;User Id = myUsername;Password = myPassword;


    二:可以使用SqlConnectionStringBuilder编写:

    SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder();

    builder.DataSource = "";
    builder.InitialCatalog = "";
    builder.IntegratedSecurity = true;

    string connectionString = builder.ConnectionString;


    三:还可以在web.config文件中编写:

    首先引入命名空间:

    using System.Configuration;

    web.config:

    <connectionStrings>
    <add name="connectionString" connectionString="data source = (local); database = TEMP; integrated security = true"/>
    </connectionStrings>


    连接字符串:

    string connectionString = ConfigurationManager.ConnectionStrings["connectionString"].ConnectionString;


    这种方法编写,可以随时修改数据库的账号密码。


    四:另一种web.config文件编写:

    首先要在配置文件web.config中写入以下代码,此处注意了,跟原来写的连接字符串不同:

    1 <connectionStrings>
    2 <clear/>
    3 <add name="partialConnectString"
    4 connectionString="Initial Catalog=Northwind;"
    5 providerName="System.Data.SqlClient" />
    6 </connectionStrings>

    其中,写入的是providerName字段,跟原来的不同。

    然后就可以在.cs文件中编写连接程序了:

    可以自定义一个连接字符串方法BuildConnectionString():

    1 public string void BuildConnectionString(string dataSource,string userName, string userPassword)
    2 {
    3 ConnectionStringSettings settings =
    4 ConfigurationManager.ConnectionStrings["partialConnectString"];
    5
    6 if (null != settings)
    7 {
    8 string connectString = settings.ConnectionString;
    9
    10 SqlConnectionStringBuilder builder =
    11 new SqlConnectionStringBuilder(connectString);
    12
    13 builder.DataSource = dataSource;
    14 builder.UserID = userName;
    15 builder.Password = userPassword;
    16 return (builder.ConnectionString);
    17 }
    18 }

    其中,传入“数据源”、“用户名”、“密码”。然后返回连接字符串。

    这个就是用配置文件编写连接字符串的方法。


    五:防止连接字符串的参数注入:

    使用sqlConnectionStringBuilder来处理 Initial Catalog 设置插入的额外值:

    1 System.Data.SqlClient.SqlConnectionStringBuilder builder = new System.Data.SqlClient.SqlConnectionStringBuilder();
    2 builder["Data Source"] = "(local)";
    3 builder["integrated Security"] = true;
    4 builder["Initial Catalog"] = "AdventureWorks;NewValue=Bad";
    5 string connectionString = builder.ConnectionString;

    其中,;NewValue=Bad就是注入的其他字符串,如果不加处理直接运行,会出错。这种情况下,就可以使用builder构造链接字符串。
  • 相关阅读:
    洛谷P3796
    cf1291c-Mind Control
    莫比乌斯函数
    C. Mixing Water(三分)
    E. Modular Stability(思维构造)
    【美团杯2020】平行四边形
    原根定义
    E. Are You Fired?(思维)
    102606C. Coronavirus Battle time limit per test4 seconds(三维拓扑序)
    E
  • 原文地址:https://www.cnblogs.com/KTblog/p/4471654.html
Copyright © 2011-2022 走看看