asp.net database Operation class Code

Source: Internet
Author: User
Tags sql injection trim
The code is as follows Copy Code

Using System;
Using System.Data;
Using System.Configuration;
Using System.Web;
Using System.Web.Security;
Using System.Web.UI;
Using System.Web.UI.WebControls;
Using System.Web.UI.WebControls.WebParts;
Using System.Web.UI.HtmlControls;
Using System.Data.SqlClient;

<summary>
Dataoperate's summary shows the love-Wisdom Corner
</summary>
public class Dataoperate
{
Public Dataoperate ()
{
//
TODO: Add constructor logic here
//
}
<summary>
To create a database connection method
</summary>
<returns> return to SqlConnection object </returns>
public static SqlConnection Createcon ()
{
SqlConnection con = new SqlConnection ("server=.; database=db_message;uid=sa;pwd=; ");
return con;
}
<summary>
Execute SQL statement methods including Delete, INSERT, update
</summary>
<param name= "SQL" > SQL statement to execute </param>
<returns> returns a Boolean value that indicates whether to execute success </returns>
public static bool Execsql (String sql)
{
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlCommand objects
SqlCommand com = new SqlCommand (sql, con);
To determine whether the SQL statement was executed successfully
if (COM. ExecuteNonQuery () > 0)
{
return true;
}
Else
{
return false;
}
}

<summary>
Querying the data method and returning a DataSet object
</summary>
<param name= "SQL" > executed SQL statements </param>
<returns> the DataSet object returned by </returns>
public static DataSet getRows (String sql)
{
Creating a DataSet Object
DataSet ds;
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlDataAdapter objects
SqlDataAdapter SDA = new SqlDataAdapter (sql, con);
Instance DataSet object
ds = new DataSet ();
Populating a DataSet object
Sda. Fill (DS);
To close a database connection
Con. Close ();
return DS;
}

<summary>
Ways to query whether data exists
</summary>
<param name= "SQL" > SQL statement to execute </param>
<returns> returns a Boolean worth of data exists returns true otherwise returns false</returns>
public static bool Isname (String sql)
{
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlCommand objects
SqlCommand com = new SqlCommand (sql, con);
Determine if the data exists and return the corresponding Boolean value
if (Convert.ToInt32 com. ExecuteScalar ()) > 0)
{
return true;
}
Else
{
return false;
}
}
<summary>
Returns the results that require statistical data
</summary>
<param name= "SQL" > SQL statements that need to be queried </param>
<returns> returns an integer variable that represents the result of the statistic </returns>
public static int Countdata (String sql)
{
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlCommand objects
SqlCommand com = new SqlCommand (sql, con);
Return the results of a query
Return Convert.ToInt32 (COM. ExecuteScalar ());

}

<summary>
Implements the user logon method, which prevents SQL injection attacks
</summary>
<param name= "SQL" > SQL statement used to execute </param>
<param name= "name" > User logon name </param>
<param name= "pass" > User password </param>
<returns> returns a Boolean value that indicates whether the login was successful </returns>
public static bool Enter (String sql, string name, String pass)
{
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlCommand objects
SqlCommand com = new SqlCommand (sql, con);
Set the type of the parameter
Com. Parameters.Add (New SqlParameter ("@name", SqlDbType.VarChar, 20));
Set parameter values
Com. parameters["@name"]. Value = name;
Com. Parameters.Add (New SqlParameter ("@pass", SqlDbType.VarChar, 20));
Com. parameters["@pass"]. Value = pass;
Determine if execution succeeds
if (Convert.ToInt32 com. ExecuteScalar ()) > 0)
{
return true;
}
Else
{
return false;
}

}
<summary>
Querying the data method, which returns a SqlDataReader object
</summary>
<param name= "SQL" > Execute SQL statements </param>
<returns> returns a SqlDataReader object </returns>
public static SqlDataReader GetRow (String sql)
{
Creating a database connection
SqlConnection con = Createcon ();
Open a database connection
Con. Open ();
Creating SqlCommand objects
SqlCommand com = new SqlCommand (sql, con);
Gets the SqlDataReader object returned by ExecuteReader
SqlDataReader SDR = com. ExecuteReader ();
Return to SDR;
}

<summary>
Set the display style for time
</summary>
<param name= "str" > indicates the time that needs to be displayed </param>
<returns> returns the modified time style </returns>
public static string strdate (DateTime str)
{
Set the display style for time
Return str. Tolongdatestring () + str. Hour + "hour" + str. Minute + "min" + str. Second + "seconds";
}
<summary>
Filter Character method
</summary>
<param name= "str" > the string to be filtered </param>
<returns> returns the filtered string </returns>
public static string filtratehtml (String str)
{
str = str. Trim ();
str = str. Replace ("'", "&quot;");
str = str. Replace ("<", "&lt;");
str = str. Replace (">", "&gt;");
str = str. Replace ("", "&nbsp;");
str = str. Replace ("n", "<br>");
return str;
}
<summary>
Recovery string
</summary>
<param name= "str" > the string to be recovered </param>
<returns> returns the recovered string </returns>
public static string resumehtml (String str)
{
str = str. Trim ();
str = str. Replace ("&quot;", "'");
str = str. Replace ("&lt;", "<");
str = str. Replace ("&gt;", ">");
str = str. Replace ("&nbsp;", "");
str = str. Replace ("<br>", "n");
return str;
}

}

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.