其他分享
首页 > 其他分享> > oledb access OleDbParameter 防注入,验证用户名密码

oledb access OleDbParameter 防注入,验证用户名密码

作者:互联网

public class DBHelper
    {
       public static string path = Application.StartupPath + "\\data\\0620DataTest.mdb";
       public static string skinPath = Application.StartupPath + "//界面ssk//Longhorn.ssk";

       public static bool isChecked(string strUserName,string PassWord) {
           OleDbConnection conn = new OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" + path);
           string strSql = "SELECT * FROM SystemUsers WHERE 用户名=@UserName AND 密码=@Pwd";
           
           conn.Open();
           OleDbParameter[] para = new OleDbParameter[2];
           para[0] = new OleDbParameter("@UserName", OleDbType.LongVarChar);
           para[0].Value = strUserName;
           para[1] = new OleDbParameter("@Pwd", OleDbType.LongVarChar);
           para[1].Value = PassWord;
           OleDbCommand cmd = new OleDbCommand(strSql, conn);
           cmd.Parameters.Add(para[0]);
           cmd.Parameters.Add(para[1]);

           try
           {
               
               OleDbDataReader reader = cmd.ExecuteReader();
               
               if (reader.HasRows)
               {
                   return true;

               }
               else
               {
                   return false;
               }
           }
           catch (Exception ex)
           {
               MessageBox.Show(ex.ToString());
               return false;
           }
           finally {
               
               conn.Close();
               
           }
           
       }
   

 

标签:oledb,para,access,new,OleDbParameter,public,conn,string
来源: https://blog.csdn.net/deron345/article/details/98611842