Complete modification and deletion of ADO. NET and ado.net
Complete namespace Modification
{
Class Program
{
Static void Main (string [] args)
{
Bool has = false;
Console. Write ("Enter the user name to be modified :");
String Uname = Console. ReadLine ();
SqlConnection conn = new SqlConnection ("server = ..; database = Data0720; user = sa; pwd = 123 ");
SqlCommand cmd = conn. CreateCommand ();
Cmd. CommandText = "select * from Users where UserName = '" + Uname + "'";
Conn. Open ();
SqlDataReader dr = cmd. ExecuteReader ();
If (dr. HasRows)
{
Has = true;
}
Conn. Close ();
If (has)
{
Console. WriteLine ("[" + Uname + "] user information found, Please modify it ");
Console. Write ("Enter the modified password :");
String Pwd = Console. ReadLine ();
Console. Write ("Enter the nickname after modification :");
String Nname = Console. ReadLine ();
Console. Write ("Enter the modified Gender :");
String Sex = Console. ReadLine ();
Console. Write ("Enter the modified birthday :");
String Birthday = Console. ReadLine ();
Console. Write ("Enter the modified Nationality :");
String Nation = Console. ReadLine ();
// @ Key placeholder
Cmd. CommandText = "update Users set PassWord = @ pwd, NickName = @ nname, Sex = @ sex, Birthday = @ bir, Nation = @ nat where UserName = @ uname ;";
Cmd. Parameters. Clear ();
Cmd. Parameters. Add ("@ pwd", Pwd );
Cmd. Parameters. Add ("@ nname", Nname );
Cmd. Parameters. Add ("@ sex", (Sex = "male ")? "1": "0 ");
Cmd. Parameters. Add ("@ bir", Birthday );
Cmd. Parameters. Add ("@ nat", Nation );
Cmd. Parameters. Add ("@ uname", Uname );
Conn. Open ();
Cmd. ExecuteNonQuery ();
Conn. Close ();
Console. WriteLine ("modified! ");
}
Else
{
Console. WriteLine ("[" + Uname + "] user information not found. Check whether the user name is entered correctly! ");
}
Console. ReadLine ();
}
}
}
Complete namespace modification and deletion _ database String Attack
{
Class Program
{
Static void Main (string [] args)
{
Bool has = false;
Console. Write ("Enter the username to delete :");
String Uname = Console. ReadLine ();
SqlConnection conn = new SqlConnection ("server = ..; database = Data0720; user = sa; pwd = 123 ");
SqlCommand cmd = conn. CreateCommand ();
Cmd. CommandText = "select * from Users where UserName = '" + Uname + "'";
Conn. Open ();
SqlDataReader dr = cmd. ExecuteReader ();
If (dr. HasRows)
{
Has = true;
}
Conn. Close ();
If (has)
{
Console. WriteLine ("[" + Uname + "] user information has been found. Are you sure you want to delete it? (Y/N ):");
String u = Console. ReadLine ();
If (u. ToUpper () = "Y") // confirm to delete
{
Cmd. CommandText = "delete from Users where UserName = '" + Uname + "'";
Conn. Open ();
Cmd. ExecuteNonQuery ();
Conn. Close ();
Console. WriteLine (Uname + "deleted successfully! ");
}
}
Else
{
Console. WriteLine ("[" + Uname + "] user information not found. Check whether the user name is entered correctly! ");
}
Console. ReadLine ();
}
}
}