你的位置:首页 > ASP.net教程

[ASP.net教程]ADO.NET 完整的修改和删除


namespace 完整修改
{
class Program
{
static void Main(string[] args)
{
bool has = false;

Console.Write("请输入要修改的用户名:");
string Uname = Console.ReadLine();

SqlConnection conn = new SqlConnection("server=.;database=Data0720;user=sa;pwd=123");
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = "select *from Users where UserName='" + Uname + "'";
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
has = true;
}
conn.Close();

if (has)
{
Console.WriteLine("已经查到[" + Uname + "]用户信息,请进行修改");
Console.Write("请输入修改后的密码:");
string Pwd = Console.ReadLine();
Console.Write("请输入修改后的昵称:");
string Nname = Console.ReadLine();
Console.Write("请输入修改后的性别:");
string Sex = Console.ReadLine();
Console.Write("请输入修改后的生日:");
string Birthday = Console.ReadLine();
Console.Write("请输入修改后的民族:");
string Nation = Console.ReadLine();

//@key 占位符
cmd.CommandText = " update Users set PassWord=@pwd,NickName=@nname,Sex=@sex,Birthday=@bir,Nation=@nat where UserName=@uname;";
cmd.Parameters.Clear();
cmd.Parameters.Add("@pwd", Pwd);
cmd.Parameters.Add("@nname",Nname);
cmd.Parameters.Add("@sex", (Sex=="男")?"1":"0");
cmd.Parameters.Add("@bir", Birthday);
cmd.Parameters.Add("@nat", Nation);
cmd.Parameters.Add("@uname", Uname);

conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
Console.WriteLine("修改完毕!");
}
else
{
Console.WriteLine("未查到[" + Uname + "]用户信息,请确认用户名输入是否正确!");
}

Console.ReadLine();

}

}
}

 

 

namespace 完整修改删除_数据库字符串攻击
{
class Program
{
static void Main(string[] args)
{
bool has = false;

Console.Write("请输入要删除的用户名:");
string Uname = Console.ReadLine();

SqlConnection conn = new SqlConnection("server=.;database=Data0720;user=sa;pwd=123");
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = "select *from Users where UserName='" + Uname + "'";
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
has = true;
}
conn.Close();

if (has)
{
Console.WriteLine("已经查到[" + Uname + "]用户信息,是否确定要删除吗?(Y/N):");
string u = Console.ReadLine();
if (u.ToUpper() == "Y")//确定删除
{
cmd.CommandText = "delete from Users where UserName='" + Uname + "'";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
Console.WriteLine(Uname + "删除成功!");
}
}
else
{
Console.WriteLine("未查到[" + Uname + "]用户信息,请确认用户名输入是否正确!");
}

Console.ReadLine();
}
}
}