密码防注入,,,,,

   static void Main(string[] args)

        {

            using (SqlConnection conn=new SqlConnection (@"Data Source=DELL\SQL;Initial Catalog=ADO.net;Integrated Security=True"))

            {

                conn.Open();

                using (SqlCommand cmd=conn.CreateCommand ())

                {

                    cmd.CommandText = "insert into kk (Usename,Password)output inserted.id values('a','b')";

                    int i = Convert.ToInt32(cmd.ExecuteScalar());

                    Console.WriteLine("插入的id是{0}", i);

                    Console.WriteLine("OK");

      Console.WriteLine("请输入用户名");

            string usename=Console .ReadLine();

            Console .WriteLine ("请输入密码");

            string password=Console .ReadLine ();

 

            using (SqlConnection conn = new SqlConnection(@"Data Source=DELL\SQL;Initial Catalog=ADO.net;Integrated Security=True"))

            {

                conn.Open();

                using (SqlCommand cmd=conn.CreateCommand ())

                {

                    cmd.CommandText = "select count(*) from kk where Usename=@UN and Password=@P";

                    cmd.Parameters.Add(new SqlParameter("Un", usename));

                    cmd.Parameters.Add(new SqlParameter("P", password));

                    int i = Convert.ToInt32(cmd.ExecuteScalar());

                    if (i>0)

                    {

                        Console.WriteLine("登陆成功");

                    }

                    else

                    {

                        Console.WriteLine("登陆失败");

                    }

                }

                Console.ReadKey();

posted on 2013-12-18 14:33  独钓寒江雪kc  阅读(212)  评论(0)    收藏  举报
博客园  ©  2004-2025
浙公网安备 33010602011771号 浙ICP备2021040463号-3