最新下载
热门教程
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
asp.net Web页执行SQL程序代码
时间:2009-07-23 编辑:简简单单 来源:一聚教程网
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="ManageSQL.aspx.cs" Inherits="manage_ManageSQL" %>
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
http://www.w3.org/1999/xhtml" >
网页执行SQL语句程序manageSql.aspx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
///
/// Author:walkingp
/// Web Site:http://www.51obj.cn/
/// E-mail:walkingp@126.com
///
public partial class manage_ManageSQL : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
GetTableName();
}
}
#region SqlConnection
///
/// 初始化SqlConnection
///
private static SqlConnection connection;
public static SqlConnection Connection
{
get
{
string connectionString = "server=.;DataBase=model;uid=sa;pwd=;";
if (connection == null)
{
connection = new SqlConnection(connectionString);
connection.Open();
}
else if (connection.State == System.Data.ConnectionState.Closed)
{
connection.Open();
}
else if (connection.State == System.Data.ConnectionState.Broken)
{
connection.Close();
connection.Open();
}
return connection;
}
}
///
/// 执行Sql
///
/// Sql
///
public static int ExecuteCommand(string safeSql)
{
SqlCommand cmd = new SqlCommand(safeSql, Connection);
int result = cmd.ExecuteNonQuery();
return result;
}
///
/// 执行Sql(overload)
///
/// Sql
/// SqlParameter
///
public static int ExecuteCommand(string sql, params SqlParameter[] values)
{
SqlCommand cmd = new SqlCommand(sql, Connection);
cmd.Parameters.AddRange(values);
return cmd.ExecuteNonQuery();
}
///
/// 获取DataTable
///
/// Sql
///
public static DataTable GetDataSet(string safeSql)
{
DataSet ds = new DataSet();
SqlCommand cmd = new SqlCommand(safeSql, Connection);
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(ds);
return ds.Tables[0];
}
#endregion
///
/// 获取数据表结构
///
protected void GetTableName()
{
DataTable dt = Connection.GetSchema("Tables", null);
Connection.Close();
grdTable.DataSource = dt;
grdTable.DataBind();
}
///
/// 执行操作
///
///
///
protected void btnExeSql_Click(object sender, EventArgs e)
{
string sql = txtSQL.Text.Trim().ToLower();
int intExeNum;
try
{
if (sql.Substring(0, 6).IndexOf("select") != -1)
{
DataTable dt = GetDataSet(sql);
grdSQL.DataSource = dt;
grdSQL.DataBind();
lblExeNum.Text = "返回记录条数:" + dt.Rows.Count + "";
grdSQL.Visible = true;
}
else if (sql.Substring(0, 6).IndexOf("delete") != -1 || sql.Substring(0, 6).IndexOf("update") != -1 || sql.Substring(0, 8).IndexOf("truncate") != -1)
{
intExeNum = ExecuteCommand(sql);
lblExeNum.Text = "影响行数:" + intExeNum + "";
grdSQL.Visible = false;
}
}
catch (Exception ex)
{
ClientScript.RegisterStartupScript(typeof(string), "", "document.write("
抱歉,系统发生了错误……错误信息:" + ex.Message.Replace(""", "'") + "
")", true);}
}
///
/// 执行按钮可用
///
///
///
protected void txtSQL_TextChanged(object sender, EventArgs e)
{
btnExeSql.Enabled = true;
}
}
-
上一个: asp.net sql防注入代码
-
下一个: asp.net最强sql防注入代码
相关文章
- C#复制数组的两种方式及效率比较解读 10-24
- ASP.NET Identity用法解析 10-24
- ASP.NET MVC使用Identity增删改查用户介绍 10-24
- C语言中atoi函数模拟实现介绍 10-18
- .Net反向代理组件Yarp用法介绍 10-10
- .NET使用YARP通过编码方式配置域名转发实现反向代理教程 10-10