zoukankan      html  css  js  c++  java

  • 操作数据库(防注入攻击)

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Threading.Tasks;
    using System.Data.SqlClient;

    namespace ConsoleApplication1
    {
    class Program
    {
    static void Main(string[] args)
    {
    Console.WriteLine("请输入要查询的汽车代号:");
    string code = Console.ReadLine();
    SqlConnection conn = new SqlConnection("server=.;database=mydb;user=sa;pwd=1023823348");
    SqlCommand cmd = conn.CreateCommand();
    cmd.CommandText = "select * from car where code=@code";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@code",code);
    conn.Open();
    SqlDataReader dr = cmd.ExecuteReader();
    if (dr.HasRows)
    {
    while (dr.Read())
    {
    Console.WriteLine(dr[0] + "--" + dr[1]);
    Console.WriteLine("输入1删除该数据 输入2修改数据 输入3添加数据");
    }
    int a = int.Parse(Console.ReadLine());
    dr.Close();
    if (a == 1)
    {
    cmd.CommandText = "delete from car where Code=@code";
    cmd.ExecuteNonQuery();
    Console.WriteLine("删除成功!");
    }
    else if (a == 2)
    {
    Console.WriteLine("请输入内容");
    string name = Console.ReadLine();
    cmd.CommandText = "update car set name=@name where code=@code ";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Parameters.AddWithValue("@code", code);
    cmd.ExecuteNonQuery();
    Console.WriteLine("修改成功!");
    }
    else if (a == 3)
    {
    Console.WriteLine("请输入");
    string code2 = Console.ReadLine();
    Console.WriteLine("请输入内容名字");
    string name = Console.ReadLine();
    Console.WriteLine("请输入系列编号");
    string brand = Console.ReadLine();
    Console.WriteLine("请输入内容日期");
    string time = Console.ReadLine();
    Console.WriteLine("请输入内容油耗*.**");
    double oil =double.Parse( Console.ReadLine());
    Console.WriteLine("请输入内容马力");
    int powers = int.Parse(Console.ReadLine());
    Console.WriteLine("请输入内容");
    int exhaust = int.Parse(Console.ReadLine());
    Console.WriteLine("请输入内容");
    double price =double.Parse( Console.ReadLine());
    Console.WriteLine("请输入内容");
    string pic = Console.ReadLine();

    cmd.CommandText = "insert into car values( @code,@name,@brand,@time,@oil,@powers,@exhaust,@price,@pic)";
    cmd.Parameters.Clear();
    cmd.Parameters.AddWithValue("@code", code2);
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Parameters.AddWithValue("@brand", brand);
    cmd.Parameters.AddWithValue("@time", time);
    cmd.Parameters.AddWithValue("@oil", oil);
    cmd.Parameters.AddWithValue("@powers", powers);
    cmd.Parameters.AddWithValue("@exhaust", exhaust);
    cmd.Parameters.AddWithValue("@price", price);
    cmd.Parameters.AddWithValue("@pic", pic);
    cmd.ExecuteNonQuery();
    Console.WriteLine("添加成功!");
    }
    else
    {
    Console.WriteLine("错误");
    }
    }
    else
    {
    Console.WriteLine("没有查到相应的数据");
    }

    conn.Close();
    Console.ReadLine();

    }
    }

    }
  • 相关阅读:
    「题解」洛谷 P1169 [ZJOI2007]棋盘制作
    「题解」洛谷 P4147 玉蟾宫
    dsu on tree 学习笔记
    [USACO08FEB]Hotel G「线段树」
    城市环路「树形DP」
    Siano「线段树」
    Emiya 家今天的饭「容斥+DP」
    Matlab调用其他文件夹下的函数
    基于小波金字塔的简单图像融合算法matlab实现
    知网引文网络使用方法
  • 原文地址:https://www.cnblogs.com/shi2172843/p/5775004.html
Copyright © 2011-2022 走看看