ADO.NET三个经典案例
程序要和数据库交互要通过ADO.NET进行,通过AOD.NET就能在程序中执行SQL了
项目内嵌mdf文件形式的连接字符串 必须加
string dataDir = AppDomain.CurrentDomain.BaseDirectory;
if (dataDir.EndsWith(@"\bin\Debug\")
|| dataDir.EndsWith(@"\bin\Release\"))
{
dataDir = System.IO.Directory.GetParent(dataDir).Parent.Parent.FullName;
AppDomain.CurrentDomain.SetData("DataDirectory", dataDir);
}
ADO.NET经典案例
例1:插入数据:
using (SqlConnection conn = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename=E:\C#程序\第二阶段\第二阶段\ADO.NET入门\AOD.net.mdf;Integrated Security=True"))
{
conn.Open();
using(SqlCommand cmd=conn.CreateCommand())
{
cmd.CommandText="insert into fuser(username,passwors)values('admin','888');";
cmd.ExecuteNonQuery();
Console.WriteLine("插入成功");
}
}
Console.WriteLine("测试正常");
Console.ReadKey();
列2:登录验证:
Console.WriteLine("输入用户名");
string username= Console.ReadLine();
Console.WriteLine("输入密码");
string password= Console.ReadLine();
using (SqlConnection coon = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename=E:\C#程序\第二阶段\第二阶段\ADO.NET入门\AOD.net.mdf;Integrated Security=True"))
{
coon.Open();
using(SqlCommand cmd=coon.CreateCommand())//创建与数据库交谈的命令
{
cmd.CommandText = "select *from fuser where username='"+username+"'";//先到表中查用户输入的用户名对应的信息
using( SqlDataReader reader=cmd.ExecuteReader())
{
if (reader.Read())
{
//用户名存在
string dbpass = reader.GetString(reader.GetOrdinal("passwors"));//比较数据库中记录的密码和用户输入的密码是否一致
if (password == dbpass)
{
Console.WriteLine("登录成功");
}
else { Console.WriteLine("密码错误"); }
}
else
{
Console.WriteLine("用户名错误");
}
}
}
}
Console.WriteLine("测试正常");
Console.ReadKey();
例3登录验证参数化查询:防止注入漏洞:
连接数据库onsole.WriteLine("请输入用户名");
string username = Console.ReadLine();
Console.WriteLine("请输入密码");
string password = Console.ReadLine();
using (SqlConnection coon = new SqlConnection(@"Data Source=(LocalDB)\v11.0;AttachDbFilename=E:\C#程序\第二阶段\第二阶段\ADO.NET入门\AOD.net.mdf;Integrated Security=True"))
{
coon.Open();
using (SqlCommand cmd = coon.CreateCommand())
{
cmd.CommandText = "select count(*) from fuser where username='" + username + "' and passwors='" + password + "'";
cmd.CommandText = "select count(*) from fuser where username=@zh and passwors=@mm";
cmd.Parameters.Add(new SqlParameter("@zh",username));
cmd.Parameters.Add(new SqlParameter("@mm",password));
int i = Convert.ToInt32(cmd.ExecuteScalar());
if (i > 0) www.2cto.com
{
Console.WriteLine("登录成功");
}
else
{
Console.WriteLine("用户名或密码错误");
}
}
}
*/
Console.WriteLine("测试成功");
Console.ReadKey();