oledb access OleDbParameter 防注入,验证用户名密码
作者:互联网
public class DBHelper
{
public static string path = Application.StartupPath + "\\data\\0620DataTest.mdb";
public static string skinPath = Application.StartupPath + "//界面ssk//Longhorn.ssk";
public static bool isChecked(string strUserName,string PassWord) {
OleDbConnection conn = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" + path);
string strSql = "SELECT * FROM SystemUsers WHERE 用户名=@UserName AND 密码=@Pwd";
conn.Open();
OleDbParameter[] para = new OleDbParameter[2];
para[0] = new OleDbParameter("@UserName", OleDbType.LongVarChar);
para[0].Value = strUserName;
para[1] = new OleDbParameter("@Pwd", OleDbType.LongVarChar);
para[1].Value = PassWord;
OleDbCommand cmd = new OleDbCommand(strSql, conn);
cmd.Parameters.Add(para[0]);
cmd.Parameters.Add(para[1]);
try
{
OleDbDataReader reader = cmd.ExecuteReader();
if (reader.HasRows)
{
return true;
}
else
{
return false;
}
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
return false;
}
finally {
conn.Close();
}
}
标签:oledb,para,access,new,OleDbParameter,public,conn,string 来源: https://blog.csdn.net/deron345/article/details/98611842