Dapper操作Sql Server和MySql数据库

1. 在配置文件web.config中添加连接字符串

<connectionStrings>
  <add name="sqlconnectionString" connectionString="server=127.0.0.1;database=MyDataBase;User=sa;password=123456;Connect Timeout=1000000"/>
  <add name="mysqlconnectionString" connectionString="Data Source=127.0.0.1;Database=hyd;User Id=root;Password=root;CharSet=utf8;port=3306"/> 
</connectionStrings>

2. 获取连接数据库对象

 获取Sql Server的连接数据库对象SqlConnection  

public static SqlConnection SqlConnection()
{
      string sqlconnectionString = ConfigurationManager.ConnectionStrings["sqlconnectionString"].ToString();
      var connection = new SqlConnection(sqlconnectionString);
      connection.Open();
      return connection;
}

 获取MySql的连接数据库对象 MySqlConnection  

public static MySqlConnection MySqlConnection()
{
       string mysqlconnectionString = ConfigurationManager.ConnectionStrings["mysqlconnectionString"].ToString();
       var connection = new MySqlConnection(mysqlconnectionString);
       connection.Open();
       return connection;
}

3. 实体类

public class Users
{
     public int ID { get; set; }//自增主键
     public string Name { get; set; }
     public int  Age { get; set; }
}

4. 增删改查

    //
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        Users user = new Users();
        user.Name = "CNKI";
        user.Age = 38;
        string sqlCommandText = @"INSERT INTO USERS(Name,Age)VALUES(@Name,@Age)";
        int result = conn.Execute(sqlCommandText, user);
    }
    //批量增
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        List<Users> list = new List<Users>();
        for (int i = 0; i < 5; i++)
        {
            Users user = new Users();
            user.Name = "CNKI";
            user.Age = 38;
            list.Add(user);
        }
        string sqlCommandText = @"INSERT INTO USERS(Name,Age)VALUES(@Name,@Age)";
        int result = conn.Execute(sqlCommandText, list);
    }
    //
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        Users user = new Users();
        user.ID = 1;
        string sqlCommandText = @"DELETE FROM USERS WHERE ID=@ID";
        int result = conn.Execute(sqlCommandText, user);
    }
    //
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        Users user = new Users();
        user.ID = 2;
        user.Name = "CNKI";
        user.Age = 18;
        string sqlCommandText = @"UPDATE USERS SET Age=@Age WHERE ID=@ID";
        int result = conn.Execute(sqlCommandText, user);
    }
    //
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        string sqlCommandText = @"SELECT * FROM USERS WHERE ID=@ID";
        Users user = conn.Query<Users>(sqlCommandText, new  { ID=2 }).FirstOrDefault();
    }
    //分页
    using (IDbConnection conn = DapperService.MySqlConnection())
    {
        int pageIndex = 0;
        int pageSize = 2;
        string sqlCommandText = string.Format(@"SELECT * FROM USERS  LIMIT {0},{1} ", pageIndex * pageSize, pageSize);
        List<Users> user = conn.Query<Users>(sqlCommandText).ToList();
    }

5. 防止Sql注入

using (IDbConnection conn = DapperService.MySqlConnection())
{
     string sqlCommandText = @"SELECT * FROM USER WHERE ID=@ID";
     var p = new DynamicParameters();
     p.Add("@ID", 1);
     User user = conn.Query<User>(sqlCommandText,p).FirstOrDefault();
}

这里用到了Dapper的DynamicParameters动态参数集合类,从上面可以看到可以能过Add方法加入参数。最后通过conn.Query<MSys_Admin>(sqlText, p)执行sql,,返回结果。因为用的是命令参数的形式,让sql注入无机可乘,所以这种方案是安全的。

6. 操作事物

 public void TestDapperTransaction()
 {
       using (var conn = new MySql.Data.MySqlClient.MySqlConnection("server=localhost;Database=test;User Id=root;password=root"))
       {
           conn.Open();
           //开启事务
           IDbTransaction trans = conn.BeginTransaction();
           try
           {
               int row = conn.Execute(@"update t set name='www.lanhusoft.com' where id=@id", new { id = 3 }, trans);
               row += conn.Execute("delete from t where id=@id", new { id = 5 }, trans);
               for (int i = 0; i < 100; i++)
               {
                    conn.Execute(@"insert t(id, name) values (@id, @name)", new { id = i, name = "www.lanhusoft.com/" + i });
               }
               trans.Commit(); //提交事务
               conn.Close();
           }
           catch (Exception)
           {
               trans.Rollback(); //回滚事务
               conn.Close();
           }
      }
}

 

posted @ 2018-12-11 13:58  以德为先  阅读(2304)  评论(0编辑  收藏  举报