可重复调用的数据库辅助类:验证用户名和密码,并通过参数化查询防止 SQL 注入
具体步骤:
1.在方法内部创建数据库连接
2.打开数据库连接
3.创建执行 SQL 脚本的命令对象(SqlCommand)
4.执行脚本
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using System.Configuration;
namespace WindowsFormsApplication1
{
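class DBHelp
{
    // Name of the <connectionStrings> entry in app.config used by every helper in this class.
    private const string ConnectionStringName = "conStr";

    /// <summary>
    /// Checks a login by counting the rows of use_login whose UserId and PassWord
    /// columns equal the supplied values.
    /// </summary>
    /// <param name="Id">User name; bound to the @UserId parameter.</param>
    /// <param name="Pwd">Password value; bound to the @UserPwd parameter.</param>
    /// <returns>
    /// The number of matching rows; 0 means the credentials were rejected.
    /// A null <paramref name="Id"/> or <paramref name="Pwd"/> is rejected without querying.
    /// </returns>
    /// <remarks>
    /// The connection string is read from app.config instead of being built from
    /// literals, so no server login or password is compiled into the binary or
    /// committed with the source. A password that has already appeared in source
    /// should be changed, and the application account needs only read access to
    /// use_login rather than an administrative login.
    /// </remarks>
    public static int sqlUerCheck(string Id, string Pwd)
    {
        // "column = NULL" never matches in SQL, and a SqlParameter whose value is null
        // is treated as not supplied, so answer "no match" up front.
        if (Id == null || Pwd == null)
        {
            return 0;
        }

        // Both values travel as bound parameters and are never spliced into the
        // statement text, which is what keeps this query safe from SQL injection.
        // NOTE(review): Pwd is compared with the PassWord column as-is. If callers pass
        // the raw password, the table holds plaintext passwords; store a salted PBKDF2
        // hash and compare hashes instead. Confirm against the callers.
        const string sql = "select count(1) from use_login where UserId = @UserId and PassWord = @UserPwd";

        return ExecuteScalar(
            sql,
            new SqlParameter("@UserId", Id),
            new SqlParameter("@UserPwd", Pwd));
    }

    /// <summary>
    /// Runs a statement and returns the first column of the first row as an int.
    /// </summary>
    /// <param name="sql">
    /// Statement text with @-placeholders. Pass a constant string; every
    /// caller-supplied value belongs in <paramref name="paras"/>, never concatenated here.
    /// </param>
    /// <param name="paras">Values for the placeholders; may be empty or null.</param>
    /// <returns>The scalar result converted to int, or 0 when the result is empty or NULL.</returns>
    /// <exception cref="InvalidOperationException">
    /// The "conStr" connection string is missing from the application configuration.
    /// </exception>
    public static int ExecuteScalar(string sql, params SqlParameter[] paras)
    {
        // The using blocks release the connection and command even when Open or
        // ExecuteScalar throws; an explicit Close() after the call is skipped on failure.
        using (SqlConnection conn = new SqlConnection(GetConnectionString()))
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            try
            {
                if (paras != null && paras.Length > 0)
                {
                    cmd.Parameters.AddRange(paras);
                }

                conn.Open();
                object raw = cmd.ExecuteScalar();

                // ExecuteScalar yields null for an empty result set and DBNull for a NULL cell.
                if (raw == null || raw == DBNull.Value)
                {
                    return 0;
                }

                // Convert rather than unbox so a bigint or decimal scalar does not throw.
                return Convert.ToInt32(raw, System.Globalization.CultureInfo.InvariantCulture);
            }
            finally
            {
                // A SqlParameter can belong to only one collection at a time; detach the
                // caller's instances so the same array can be passed to a later call.
                cmd.Parameters.Clear();
            }
        }
    }

    // Looks up the configured connection string and fails with a clear message when it is absent.
    private static string GetConnectionString()
    {
        var settings = ConfigurationManager.ConnectionStrings[ConnectionStringName];
        if (settings == null || string.IsNullOrEmpty(settings.ConnectionString))
        {
            throw new InvalidOperationException(
                "Connection string '" + ConnectionStringName + "' is missing from the application configuration.");
        }

        return settings.ConnectionString;
    }
}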
}