该类已有更新,请参考:
http://www.cnblogs.com/squirrel_sc/archive/2004/11/04/60447.html
该代码用于在断开连接的方式下操作数据库。操作分为:读取单条记录、读取多条记录、分页读取记录、执行sql语句,以及对字符串类型的输入做单引号转义以减轻sql注入(这种转义只对放在单引号内的字符串值有效,不能代替参数化查询)。其中分页读取记录是通过存储过程用sql server的api来执行的,明后天再贴上来。
但没有封装存储过程的操作,因为存储过程要传入传出参数。
封装以后的好处是开发起来更快捷,不用每次访问数据库都要写上创建connection对象,command对象等语句。因为整个架构都是在MS上的,所以没有考虑可移植性,可能这方面还有些需要改进的地方。
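' Static helper for disconnected access to SQL Server: single-row reads,
' multi-row reads, paged reads through the xp_GetPage stored procedure, and
' execution of arbitrary statements.
'
' SECURITY NOTE(review): every public data method takes either complete SQL
' text or fragments (column list, table, condition, order) that are
' concatenated into SQL text. Nothing in this class validates or parameterises
' those strings, so request data must not be passed into them directly.
' Values should be bound with SqlParameter objects by the caller's own command;
' identifiers and ORDER BY fragments should come from a fixed allow-list.
Public Class DataDriver

    ' Connection string, cached after the first successful read.
    Private Shared _connString As String

    ' Returns the "ConnectionString" appSettings value. While the key is
    ' missing the cache stays Nothing and configuration is read again on the
    ' next call.
    Private Shared Function GetConnString() As String
        If (_connString Is Nothing) Then
            _connString = System.Configuration.ConfigurationSettings.AppSettings("ConnectionString")
        End If
        Return _connString
    End Function

    ' Doubles every single quote in strInput and returns the result; Nothing
    ' and the empty string both come back as "".
    '
    ' SECURITY NOTE(review): this only neutralises a value that the caller
    ' places between single quotes in the final statement. It gives no
    ' protection for numeric positions, identifiers, or WHERE / ORDER BY
    ' fragments, and it is not a substitute for bound parameters.
    Public Shared Function DealSqlStr(ByVal strInput As String) As String
        If (strInput Is Nothing OrElse strInput.Length = 0) Then
            Return ""
        End If
        Return strInput.Replace("'", "''")
    End Function

    ' Builds "Select <col> from <table> [where <condition>] [order by <order>]"
    ' and delegates to the SQL-text overload of GetPage.
    '   col, table, condition, order - SQL fragments, inserted verbatim.
    '   dt        - receives the page of rows.
    '   page      - page number to fetch (default 1).
    '   pageSize  - rows per page (default 20).
    ' Returns the record count reported by the stored procedure.
    '
    ' SECURITY NOTE(review): the four fragments are concatenated as-is; they
    ' must be built from trusted constants or allow-listed names only.
    ' NOTE(review): table is declared ByRef but is never assigned here.
    Public Shared Function GetPage(ByVal col As String, ByRef table As String, ByRef dt As System.Data.DataTable, Optional ByVal page As Integer = 1, Optional ByVal condition As String = "", Optional ByVal order As String = "", Optional ByVal pageSize As Integer = 20) As Integer
        Dim sql As String = "Select " & col & " from " & table
        If (condition <> "") Then
            sql &= " where " & condition
        End If
        If (order <> "") Then
            sql &= " order by " & order
        End If
        Return GetPage(sql, dt, page, pageSize)
    End Function

    ' Runs the xp_GetPage stored procedure for the given SELECT text.
    '   sql       - complete SELECT statement, sent as the @sql parameter.
    '   dt        - receives result table index 1 of the returned DataSet.
    '   page      - sent as @page.
    '   pageSize  - sent as @pageSize.
    ' Returns the first column of the first row of result table index 2.
    ' Throws whatever Fill throws, and an index error when the procedure
    ' returns fewer result sets or rows than that layout requires.
    '
    ' SECURITY NOTE(review): binding the statement text as @sql does not make
    ' it safe. xp_GetPage is not shown on this page, but to page over the text
    ' it presumably executes it dynamically - confirm against the procedure
    ' and treat sql as code, never as data.
    Public Shared Function GetPage(ByVal sql As String, ByRef dt As System.Data.DataTable, ByVal page As Integer, ByVal pageSize As Integer) As Integer
        Dim objConn As New SqlConnection(GetConnString())
        Try
            Dim objCommand As New SqlCommand("xp_GetPage", objConn)
            objCommand.CommandType = CommandType.StoredProcedure
            objCommand.Parameters.Add("@sql", sql)
            objCommand.Parameters.Add("@page", page)
            objCommand.Parameters.Add("@pageSize", pageSize)
            objCommand.Parameters.Add("@needCount", 1)

            Dim objDA As New SqlDataAdapter(objCommand)
            Dim ds As New DataSet
            objDA.Fill(ds)

            dt = ds.Tables(1)
            ' Explicit conversion so the block also compiles under Option Strict On.
            Return CInt(ds.Tables(2).Rows(0).Item(0))
        Finally
            ' Release the connection object even when Fill or the indexing throws.
            objConn.Dispose()
        End Try
    End Function

    ' Builds "Select top 1 <col> from <table> [where <condition>]" and
    ' delegates to the SQL-text overload of GetOneRow.
    '
    ' SECURITY NOTE(review): col, table and condition are concatenated as-is;
    ' build them from trusted constants or allow-listed names only.
    Public Shared Sub GetOneRow(ByVal col As String, ByVal table As String, ByRef dr As System.Data.DataRow, Optional ByVal condition As String = "")
        Dim sql As String = "Select top 1 " & col & " from " & table
        If (condition <> "") Then
            sql &= " where " & condition
        End If
        GetOneRow(sql, dr)
    End Sub

    ' Runs sql and stores the first returned row in dr (for example an
    ' aggregate value). When the query returns no rows dr is left unchanged,
    ' so callers should initialise it to Nothing and test it afterwards.
    Public Shared Sub GetOneRow(ByVal sql As String, ByRef dr As System.Data.DataRow)
        Dim dt As New DataTable
        GetRows(sql, dt)
        If (dt.Rows.Count > 0) Then
            dr = dt.Rows(0)
        End If
    End Sub

    ' Runs sql and fills dt with the returned rows.
    '
    ' SECURITY NOTE(review): sql is executed verbatim.
    Public Shared Sub GetRows(ByVal sql As String, ByRef dt As System.Data.DataTable)
        Dim objConn As New SqlConnection(GetConnString())
        Try
            Dim objDA As New SqlDataAdapter(sql, objConn)
            objDA.Fill(dt)
        Finally
            ' Release the connection object even when Fill throws.
            objConn.Dispose()
        End Try
    End Sub

    ' Executes a statement that returns no rows. A timeout on the first
    ' attempt is retried once; an exception from the retry propagates.
    '
    ' SECURITY NOTE(review): sql is executed verbatim.
    ' NOTE(review): any other SqlException from the first attempt is swallowed,
    ' as in the original, so callers get no signal that the statement failed.
    ' That hides failed writes; consider rethrowing once callers are checked.
    ' NOTE(review): retrying after a timeout can repeat work if the batch had
    ' partly completed outside a transaction - confirm for the statements used.
    Public Shared Sub ExecuteSql(ByVal sql As String)
        Dim objConn As New SqlConnection(GetConnString())
        Dim objCmd As New SqlCommand(sql, objConn)
        Try
            objConn.Open()
            Try
                objCmd.ExecuteNonQuery()
            Catch ex As System.Data.SqlClient.SqlException
                If (IsTimeout(ex)) Then
                    objCmd.ExecuteNonQuery()
                End If
            End Try
        Finally
            ' Previously skipped when the retry threw, leaving the connection open.
            objConn.Close()
        End Try
    End Sub

    ' True when ex reports a command timeout. Error number -2 is the SqlClient
    ' timeout code and does not depend on the server or client language; the
    ' localized text match is kept for compatibility with the original check.
    Private Shared Function IsTimeout(ByVal ex As System.Data.SqlClient.SqlException) As Boolean
        Return ex.Number = -2 OrElse ex.ToString().IndexOf("超时时间已过") >= 0
    End Function

End Class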
欢迎批评、指正、评论。