zoukankan      html  css  js  c++  java
  • 操作数据库(防注入攻击)

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Threading.Tasks;
    using System.Data.SqlClient;

    namespace ConsoleApplication1
    {
    class Program
    {
    static void Main(string[] args)
    {
    Console.WriteLine("请输入要查询的汽车代号:");
    string code = Console.ReadLine();
    SqlConnection conn = new SqlConnection("server=.;database=mydb;user=sa;pwd=1023823348");
    SqlCommand cmd = conn.CreateCommand();
    cmd.CommandText = "select * from car where code=@code";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@code",code);
    conn.Open();
    SqlDataReader dr = cmd.ExecuteReader();
    if (dr.HasRows)
    {
    while (dr.Read())
    {
    Console.WriteLine(dr[0] + "--" + dr[1]);
    Console.WriteLine("输入1删除该数据 输入2修改数据 输入3添加数据");
    }
    int a = int.Parse(Console.ReadLine());
    dr.Close();
    if (a == 1)
    {
    cmd.CommandText = "delete from car where Code=@code";
    cmd.ExecuteNonQuery();
    Console.WriteLine("删除成功!");
    }
    else if (a == 2)
    {
    Console.WriteLine("请输入内容");
    string name = Console.ReadLine();
    cmd.CommandText = "update car set name=@name where code=@code ";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Parameters.AddWithValue("@code", code);
    cmd.ExecuteNonQuery();
    Console.WriteLine("修改成功!");
    }
    else if (a == 3)
    {
    Console.WriteLine("请输入");
    string code2 = Console.ReadLine();
    Console.WriteLine("请输入内容名字");
    string name = Console.ReadLine();
    Console.WriteLine("请输入系列编号");
    string brand = Console.ReadLine();
    Console.WriteLine("请输入内容日期");
    string time = Console.ReadLine();
    Console.WriteLine("请输入内容油耗*.**");
    double oil =double.Parse( Console.ReadLine());
    Console.WriteLine("请输入内容马力");
    int powers = int.Parse(Console.ReadLine());
    Console.WriteLine("请输入内容");
    int exhaust = int.Parse(Console.ReadLine());
    Console.WriteLine("请输入内容");
    double price =double.Parse( Console.ReadLine());
    Console.WriteLine("请输入内容");
    string pic = Console.ReadLine();

    cmd.CommandText = "insert into car values( @code,@name,@brand,@time,@oil,@powers,@exhaust,@price,@pic)";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@code", code2);
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Parameters.AddWithValue("@brand", brand);
    cmd.Parameters.AddWithValue("@time", time);
    cmd.Parameters.AddWithValue("@oil", oil);
    cmd.Parameters.AddWithValue("@powers", powers);
    cmd.Parameters.AddWithValue("@exhaust", exhaust);
    cmd.Parameters.AddWithValue("@price", price);
    cmd.Parameters.AddWithValue("@pic", pic);
    cmd.ExecuteNonQuery();
    Console.WriteLine("添加成功!");
    }
    else
    {
    Console.WriteLine("错误");
    }
    }
    else
    {
    Console.WriteLine("没有查到相应的数据");
    }

    conn.Close();
    Console.ReadLine();

    }
    }

    }

  • 相关阅读:
    SQL having 子句
    sqlserver2008 R2 创建作业(定时任务)
    3步完成chrome切换搜索引擎
    http模拟请求工具
    网页自动加载进度条插件
    span设为inline-block之后,未包含文字时下面会多出一条空白问题
    记一次特殊的下载字体方法
    团队冲刺第十三天
    团队冲刺第十二天
    人月神话03
  • 原文地址:https://www.cnblogs.com/shi2172843/p/5775004.html
Copyright © 2011-2022 走看看