易截截图软件、单文件、免安装、纯绿色、仅160KB

asp.net(c#) 下SQL存储过程使用详细实例

记取记录集
create procedure getArticle
as
select * from Article_Content
GO
asp.net 调用方法
  SqlConnection Conn = new SqlConnection();
        Conn.ConnectionString = Data.Connstr();
        Conn.Open();
        SqlDataAdapter sdr=new SqlDataAdapter();
        sdr.SelectCommand = new SqlCommand("getArticle", Conn);
        sdr.SelectCommand.CommandType=CommandType.StoredProcedure;
        DataSet rs = new DataSet();
        sdr.Fill(rs);
        sdr.Dispose();
        Conn.Dispose();
        Response.Write(rs.Tables[0].Rows.Count);
       
-------------------------------------------------------------------------------------
删除记录(带输入参数)
create procedure DelArticle
@Id int
as
delete from Article_Content where Id=@Id
GO
asp.net调用方法
 if (Request.QueryString["Id"] != null)
        {
            SqlConnection Conn = new SqlConnection();
            Conn.ConnectionString = Data.Connstr();
            Conn.Open();
            SqlCommand cmd = new SqlCommand("DelArticle", Conn);
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@Id", SqlDbType.Int,4).Value = int.Parse(Request.QueryString["Id"].ToString());
     &


相关文档:

SQL 防注入式攻击

1、检查是否有非法字符
public static boolean sql_inj(String str)
{
    String inj_str = "'|and|exec|insert|select|delete|update|
count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
//这里的东西还可以自己添加
String[] inj_stra=inj_str.split("\\|");
    for ......

asp.net C#命名参数SqlParameter详解

DBHelper:
         /// <summary>
        /// 执行查询
        /// </summary>
        /// <param name="sql">有效的select语句</param ......

ASP.NET中利用JS实现图片滚动

               JS代码:
 
                           <script type="text/javascript" languag ......
© 2009 ej38.com All Rights Reserved. 关于E健网联系我们 | 站点地图 | 赣ICP备09004571号