In the Web, security is mainly reflected in two aspects: one is Program Security: prevents malicious webpage insertion. Code The other is database security, which we can often back up the database to achieve.
In this article, I will demonstrate how to back up and restore databases on the web page.
In fact, both backup and restoration of databases are backed up using SQL statements provided by SQL Server.
Backup: use master; backup database @ name to disk = @ path;
Recovery: use master; restore Database @ name from disk = @ path;
The preceding parameterized SQL statement can be used to dynamically assign values to parameters during program execution.
Code:
Background code:
Using system;
Using system. Data;
Using system. configuration;
Using system. collections;
Using system. Web;
Using system. Web. Security;
Using system. Web. UI;
Using system. Web. UI. webcontrols;
Using system. Web. UI. webcontrols. webparts;
Using system. Web. UI. htmlcontrols;
Using system. Data. sqlclient;
///
/// Function Description: This example shows how to back up and restore a database in Asp.net.
/// Backup the database mainly uses the backup statement of the database. Store the database backup file
/// Under the app_data folder.
/// By Zhou Gong
/// Date: 2008-08-19
/// Starting address: http://blog.csdn.net/zhoufoxcn/archive/2008/08/19/2796077.aspx
///
Public partial class databaseaction: system. Web. UI. Page
{
Protected void page_load (Object sender, eventargs E)
{
If (! Page. ispostback)
{
// Bind all databases to the dropdownlist
Sqlconnection connection = new sqlconnection ("Data Source = zhoufoxcn; user id = sa; Password = sa ");
Sqlcommand command = new sqlcommand ("sp_helpdb", connection );
Command. commandtype = commandtype. storedprocedure;
Connection. open ();
Sqldatareader reader = command. executereader ();
Ddldatabaselist. datasource = reader;
Ddldatabaselist. datatextfield = "name ";
Ddldatabaselist. databind ();
Reader. Close ();
Connection. Close ();
}
}
Protected void btnok_click (Object sender, eventargs E)
{
String dbfilename = txtdbfilename. Text. Trim ();
Sqlconnection connection = new sqlconnection ("Data Source = zhoufoxcn; user id = sa; Password = sa ");
String dbname = ddldatabaselist. selectedvalue;
If (! Dbfilename. endswith (". Bak "))
{
Dbfilename + = ". Bak ";
}
If (rbbackup. Checked) // back up the database
{
Sqlcommand command = new sqlcommand ("use master; backup database @ name to disk = @ path;", connection );
Connection. open ();
String Path = server. mappath ("~ \ App_data ") +" \ "+ dbfilename;
Command. Parameters. addwithvalue ("@ name", dbname );
Command. Parameters. addwithvalue ("@ path", PATH );
Command. executenonquery ();
Connection. Close ();
}
Else // restore the database
{
Sqlcommand command = new sqlcommand ("use master; restore Database @ name from disk = @ path;", connection );
Connection. open ();
String Path = server. mappath ("~ \ App_data ") +" \ "+ dbfilename;
Command. Parameters. addwithvalue ("@ name", dbname );
Command. Parameters. addwithvalue ("@ path", PATH );
Command. executenonquery ();
Connection. Close ();
}
}
}
The above code is tested and passed in WindowsXP + visualstudio2005 + SQL Server2000