asp.net LINQ防止SQL注入式攻击
using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Configuration; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { } protected void btnLogin_Click(object sender, EventArgs e) { string name = txtUserName.Text; string pass = txtPass.Text; DataClassesDataContext lqDB = new DataClassesDataContext(); var result = from v in lqDB.tbUser where v.username == name && v.userpass.ToString() == pass select v; if (result.Count() > 0) { Page.ClientScript.RegisterStartupScript(GetType(),"","alert('登录成功')",true); } else { Page.ClientScript.RegisterStartupScript(GetType(),"","alert('登录失败')",true); } } }
奋斗就是每天很难,可是一年一年却越来越容易;
不奋斗就是每天很容易,可是一年一年却越来越难。
