SqlSuper框架
/*
sql防注入
示例语句：select * from info where name=1001 and pwd=123456
（name、pwd 的值如果直接拼接进语句，就可能被注入）
1.屏蔽特殊符号（只能作为辅助手段）
2.参数化（推荐做法：值通过 SqlParameter 传入，不拼接到 sql 文本中）
*/
/*
using 的用法：
引入命名空间
垃圾自动回收（using 语句块结束时自动调用 Dispose 释放资源）
命名空间起别名
*/
/// <summary>
/// Connection string shared by every helper in this class, read from the
/// application's configuration entry named "TestconnectionString".
/// </summary>
// NOTE(review): if that entry is missing, the indexer presumably returns null and this
// initializer fails when the type is first used - confirm the entry exists in every
// deployed config, and keep any credentials in it out of source control.
private static string strCoon = ConfigurationManager.ConnectionStrings["TestconnectionString"].ConnectionString;
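/// <summary>
/// Runs a query and returns the whole result set as a <see cref="DataTable"/>.
/// </summary>
/// <param name="sql">
/// Query text. It is sent to the server exactly as given, so values that come from
/// users must be supplied through <paramref name="sqlParameters"/> and referenced by
/// placeholder in this text, never concatenated into it.
/// </param>
/// <param name="sqlParameters">Parameters bound to the query; may be empty or null.</param>
/// <returns>A table filled with the rows produced by the query.</returns>
public static DataTable Query(string sql, params SqlParameter[] sqlParameters)
{
    DataTable table = new DataTable();

    // The adapter is IDisposable; release it deterministically instead of waiting for the GC.
    using (SqlDataAdapter dataAdapter = new SqlDataAdapter(sql, strCoon))
    {
        // Query(sql, null) binds null to the params array; treat that as "no parameters"
        // instead of failing with a NullReferenceException.
        if (sqlParameters != null && sqlParameters.Length > 0)
        {
            dataAdapter.SelectCommand.Parameters.AddRange(sqlParameters);
        }

        // Fill opens the connection itself and closes it again when it is done.
        dataAdapter.Fill(table);
    }

    return table;
}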
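/// <summary>
/// Runs a query and returns an open <see cref="SqlDataReader"/> over its result.
/// </summary>
/// <remarks>
/// The original summary calls this a "single-record query", but nothing here limits the
/// result to one row. The reader is created with
/// <see cref="CommandBehavior.CloseConnection"/>, so the caller must close or dispose
/// the reader to release the underlying connection.
/// </remarks>
/// <param name="sql">
/// Query text. It is sent to the server exactly as given, so values that come from
/// users must be supplied through <paramref name="sqlParameters"/>, never concatenated
/// into this text.
/// </param>
/// <param name="sqlParameters">Parameters bound to the query; may be empty or null.</param>
/// <returns>An open reader that owns the connection it reads from.</returns>
public static SqlDataReader Reader(string sql, params SqlParameter[] sqlParameters)
{
    SqlConnection sqlConnection = new SqlConnection(strCoon);
    try
    {
        sqlConnection.Open();
        SqlCommand sqlCommand = new SqlCommand(sql, sqlConnection);

        // Reader(sql, null) binds null to the params array; treat that as "no parameters".
        if (sqlParameters != null && sqlParameters.Length > 0)
        {
            sqlCommand.Parameters.AddRange(sqlParameters);
        }

        // On success the connection stays open and is closed together with the reader.
        return sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);
    }
    catch
    {
        // No reader was handed out, so nobody else can close this connection:
        // release it here before letting the exception propagate.
        sqlConnection.Dispose();
        throw;
    }
}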
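/// <summary>
/// Executes a statement that returns no result set (INSERT, UPDATE, DELETE, ...).
/// </summary>
/// <param name="sql">
/// Statement text. It is sent to the server exactly as given, so values that come from
/// users must be supplied through <paramref name="sqlParameters"/>, never concatenated
/// into this text.
/// </param>
/// <param name="sqlParameters">Parameters bound to the statement; may be empty or null.</param>
/// <returns>The value returned by ExecuteNonQuery (the number of rows affected).</returns>
public static int NonQuery(string sql, params SqlParameter[] sqlParameters)
{
    using (SqlConnection sqlConnection = new SqlConnection(strCoon))
    using (SqlCommand sqlCommand = new SqlCommand(sql, sqlConnection))
    {
        // NonQuery(sql, null) binds null to the params array; treat that as "no parameters"
        // instead of failing with a NullReferenceException.
        if (sqlParameters != null && sqlParameters.Length > 0)
        {
            sqlCommand.Parameters.AddRange(sqlParameters);
        }

        sqlConnection.Open();

        // Leaving the using blocks disposes the command and closes the connection,
        // also when ExecuteNonQuery throws, so no explicit finally/Close is needed.
        return sqlCommand.ExecuteNonQuery();
    }
}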