SQLCommand's safety writing

zhaozj2021-02-16  79

In order to prevent SQL attacks, it should be paired with the login, etc.

SqlConnection objConnection = new SqlConnection (_ConnectionString); objConnection.Open (); SqlCommand objCommand = new SqlCommand ( "SELECT * FROM User WHERE Name = @Name AND Password = @Password", objConnection); objCommand.Parameters.Add ( "@ Name ", NametextBox.text); Objcommand.Parameters.add (" @ password ", passwordTextBox.text); sqldataareader objreader = objcommand.executeReader (); if (ObjReader.Read ()) {

转载请注明原文地址:https://www.9cbs.com/read-12496.html

New Post(0)