加密传值
在DAL层中
public static UserInfo Select(string name, string pwd)
{
var sql = $"select * from UserInfo where name=@name and pwd=@pwd";
SqlParameter[] sqlParameter =
{
new SqlParameter("@name",name),
new SqlParameter("@pwd",pwd)
};
var table = DB.Select(sql,sqlParameter);
DBHELPER类中
public static DataTable Select(string sql,params SqlParameter[] sqlParameters)
{
using(SqlDataAdapter adapter = new SqlDataAdapter(sql, connstr))
{
if(sqlParameters !=null && sqlParameters.Count() > 0)
adapter.SelectCommand.Parameters.AddRange(sqlParameters);
using(DataTable table = new DataTable())
{
adapter.Fill(table);
return table;
}
}
}
public static int zsg(string sql, params SqlParameter[] sqlParameters)
{
using(SqlConnection conn=new SqlConnection(connstr))
{
using(SqlCommand comm=new SqlCommand(sql, conn))
{
if (sqlParameters != null && sqlParameters.Count() > 0)
comm.Parameters.AddRange(sqlParameters);
conn.Open();
return comm.ExecuteNonQuery();
}
}
}