1.SQL注入漏洞攻击
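/// <summary>
/// Login handler: counts the T_Users rows whose FuserName/Fpassword match the
/// submitted values using a parameterized query, so the user input travels as
/// bound data and is never spliced into the SQL text. The injectable variant
/// this replaces built the statement with string.Format("...FuserName='{0}'..."),
/// where a single quote in the user name ends the literal and the remainder of
/// the input is executed as SQL.
/// </summary>
/// <param name="sender">The button that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    // SECURITY: the sa account and its password are hard-coded in source.
    // Move the connection string to protected configuration and use a
    // least-privilege login that can only read T_Users.
    string constr = "data source=pc-20120907sdqu;initial catalog=shool;user id=sa;password=admin";
    using (SqlConnection con = new SqlConnection(constr))
    {
        // The placeholder names here must match the names added to
        // cmd.Parameters below exactly. The original spelled this one
        // "@usernaem" and then added "@username" twice, so @password was
        // never supplied and the query could not execute.
        string sql = "select count(*) from T_Users where FuserName=@username and Fpassword=@password";
        using (SqlCommand cmd = new SqlCommand(sql, con))
        {
            // Binding as parameters is what defeats injection: the values are
            // sent separately from the statement text.
            cmd.Parameters.AddWithValue("@username", txtUserName.Text.Trim());
            // SECURITY: this compares the password against the stored column
            // as-is; the export code in this file writes Fpassword out
            // verbatim, which indicates plaintext storage. Store a salted
            // hash (e.g. PBKDF2) and compare hashes instead.
            cmd.Parameters.AddWithValue("@password", txtPassword.Text);
            con.Open();
            int r = Convert.ToInt32(cmd.ExecuteScalar());
            // Disposal of the using block closes the connection; no explicit
            // Close() is needed.
            if (r > 0)
            {
                Response.Write("登陆成功!");
            }
            else
            {
                Response.Write("登陆失败!");
            }
        }
    }
}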
}
2.数据库导入导出
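namespace Sql注入漏洞攻击
{
    /// <summary>
    /// Demo page: Button1 exports T_Users (FuserName, Fpassword) to a
    /// comma-separated text file; Button2 reads that file back and re-inserts
    /// each row with a parameterized INSERT.
    /// </summary>
    public partial class 数据导入到出 : System.Web.UI.Page
    {
        // SECURITY: the sa account and its password are hard-coded in source
        // (the original repeated this string in both handlers). Move it to
        // protected configuration and use a least-privilege login.
        private const string ConnectionString = "data source=.;initial catalog=UserDB1;User id=sa;password=admin";

        // Absolute developer-machine path shared by export and import. The
        // file holds every user's name and password in clear text, so it must
        // not live under a web-served directory and should be deleted after use.
        private const string ExportPath = @"E:\2012netClassPtractice\ADO详解\Sql注入漏洞攻击\tblUsers.txt";

        /// <summary>No per-request setup is needed for this page.</summary>
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Exports every row of T_Users as "FuserName,Fpassword" lines to
        /// <see cref="ExportPath"/>, or reports that the table is empty.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            using (SqlConnection con = new SqlConnection(ConnectionString))
            {
                // Name the columns rather than "select *" with GetValue(1)/GetValue(2):
                // positional access silently exports the wrong columns if the table
                // layout changes. These are the same two columns Button2_Click inserts.
                string sql = "select FuserName, Fpassword from T_Users";
                using (SqlCommand cmd = new SqlCommand(sql, con))
                {
                    con.Open();
                    using (SqlDataReader reader = cmd.ExecuteReader())
                    {
                        if (!reader.HasRows)
                        {
                            Response.Write("数据表中没有数据,没有导出任何数据!");
                            return;
                        }

                        // Only create the file once we know there is something to write.
                        using (StreamWriter sw = new StreamWriter(ExportPath))
                        {
                            while (reader.Read())
                            {
                                object objUserName = reader.GetValue(0);
                                object objPassword = reader.GetValue(1);
                                // SECURITY: the password column leaves the database in
                                // clear text here. Note also that a comma or line break
                                // inside a value is not escaped; the import splits on the
                                // first comma only, so a comma in the user name would
                                // still corrupt that row.
                                string line = string.Format("{0},{1}", objUserName, objPassword);
                                sw.WriteLine(line);
                            }
                        }
                        Response.Write("导出完毕!");
                    }
                }
            }
        }

        /// <summary>
        /// Reads <see cref="ExportPath"/> line by line and inserts each
        /// "FuserName,Fpassword" pair into T_Users. The file content is bound
        /// through SqlParameters, so it is treated as data, never as SQL text.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Event data (unused).</param>
        /// <exception cref="FormatException">A non-empty line contains no comma.</exception>
        protected void Button2_Click(object sender, EventArgs e)
        {
            using (StreamReader sr = new StreamReader(ExportPath))
            using (SqlConnection con = new SqlConnection(ConnectionString))
            {
                string sql = "insert into T_Users (FuserName,Fpassword) values(@username,@password)";
                using (SqlCommand cmd = new SqlCommand(sql, con))
                {
                    // Declare the parameter pair once and re-assign Value per row
                    // (the original notes' "solution 2"; "solution 1" was calling
                    // Parameters.Clear() every iteration). No length is given, so the
                    // parameter length follows each value — set it to the column
                    // width if plan-cache churn becomes a concern.
                    SqlParameter p1 = new SqlParameter("@username", System.Data.SqlDbType.VarChar);
                    SqlParameter p2 = new SqlParameter("@password", System.Data.SqlDbType.VarChar);
                    cmd.Parameters.Add(p1);
                    cmd.Parameters.Add(p2);

                    // Open once for the whole file; the original opened and closed the
                    // connection on every line.
                    con.Open();
                    while (!sr.EndOfStream)
                    {
                        string line = sr.ReadLine();
                        if (string.IsNullOrEmpty(line))
                        {
                            // A blank line used to throw IndexOutOfRange on columns[1].
                            continue;
                        }

                        // Split at the first comma only, so a password containing a
                        // comma is preserved intact instead of being truncated.
                        string[] columns = line.Split(new[] { ',' }, 2);
                        if (columns.Length < 2)
                        {
                            throw new FormatException("Expected 'username,password' but found: " + line);
                        }

                        p1.Value = columns[0];
                        p2.Value = columns[1];
                        cmd.ExecuteNonQuery();
                    }
                    Response.Write("导入到数据库已完毕");
                }
            }
        }
    }
}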