博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
一个数据库操作类(包含弹出对话框函数,也可自定义弹出的脚本内容)
阅读量:5146 次
发布时间:2019-06-13

本文共 16743 字,大约阅读时间需要 55 分钟。

using System;using System.Collections.Generic;using System.Web;using System.Data;using System.Data.Sql;using System.Configuration;using System.Data.SqlClient;using System.Text;using System.Security.Cryptography;/// /// 弹出信息/// /// namespace Common{    public class MessageAlert    {        ///         /// 传入信息弹出来        ///         ///         ///         public static void Alert(System.Web.UI.Page page, string msg)        {            page.ClientScript.RegisterStartupScript(page.GetType(), "msg", "");        }        ///         /// 自定义脚本信息        ///         ///         ///         public static void AlertLocation(System.Web.UI.Page page, string msg)        {            page.ClientScript.RegisterStartupScript(page.GetType(), "msg", "");        }    }    ///     ///DB数据库操作    ///     public class DB    {        public static string substr(string str, int num)        {            string strs;            if (str.Length > num)            {                strs = str.Substring(0, num) + "...";            }            else            {                strs = str;            }            return strs;        }        public static string substr1(string str, int num)        {            string strs;            if (str.Length > num)            {                strs = str.Substring(0, num);            }            else            {                strs = str;            }            return strs;        }        public static string conStr = ConfigurationManager.ConnectionStrings["haqiuConnectionString"].ToString();        public static SqlConnection con = new SqlConnection();        public static SqlCommand cmd = new SqlCommand();        public static void openConnection()//打开数据库        {            if (con.State == ConnectionState.Closed)            {                try                {                    con.ConnectionString = conStr;                    cmd.Connection = con;                    con.Open();                }                catch (Exception err)                {                    throw new Exception(err.Message);                }            }        }        public static void closeConnection()//关闭数据库        {            if (con.State == ConnectionState.Open)            {                try                {                    con.Close();                    con.Dispose();                    cmd.Dispose();                }                catch (Exception err)                {                    throw new Exception(err.Message);                }            }        }        ///         /// 执行sql语句        ///         /// 写上你们的sql        public static int ExecuteSql(string sqlstr)        {            int result = 0;            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                result = cmd.ExecuteNonQuery();                closeConnection();                return result;            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }        }        #region 执行存储过程        ///         /// 执行存储过程        ///         /// 存储过程名        /// SqlParameters 集合        public static void ExecutePorcedure(string procName, SqlParameter[] coll)        {            try            {                openConnection();                for (int i = 0; i < coll.Length; i++)                {                    cmd.Parameters.Add(coll[i]);                }                cmd.CommandType = CommandType.StoredProcedure;                cmd.CommandText = procName;                cmd.ExecuteNonQuery();            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                cmd.Parameters.Clear();                closeConnection();            }        }        #endregion        #region 执行存储过程并返回数据集        ///         /// 执行存储过程并返回数据集        ///         /// 存储过程名称        /// SqlParameter集合        /// DataSet         public static void ExecutePorcedure(string procName, SqlParameter[] coll, ref DataSet ds)        {            try            {                SqlDataAdapter da = new SqlDataAdapter();                openConnection();                for (int i = 0; i < coll.Length; i++)                {                    cmd.Parameters.Add(coll[i]);                }                cmd.CommandType = CommandType.StoredProcedure;                cmd.CommandText = procName;                da.SelectCommand = cmd;                da.Fill(ds);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                cmd.Parameters.Clear();                closeConnection();            }        }        #endregion        #region 执行Sql查询语句并返回第一行的第一条记录,返回值为object 使用时需要拆箱操作 -> Unbox        ///         /// 执行Sql查询语句并返回第一行的第一条记录,返回值为object 使用时需要拆箱操作 -> Unbox        ///         /// 传入的Sql语句        /// 
     
      object 返回值 
             public static object ExecuteScalar(string sqlstr)        {            object obj = new object();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                obj = cmd.ExecuteScalar();            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return obj;        }        #endregion        #region 执行Sql查询语句,同时进行事务处理        ///         /// 执行Sql查询语句,同时进行事务处理        ///         /// 传入的Sql语句        public static void ExecuteSqlWithTransaction(string sqlstr)        {            SqlTransaction trans;            trans = con.BeginTransaction();            cmd.Transaction = trans;            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                cmd.ExecuteNonQuery();                trans.Commit();            }            catch            {                trans.Rollback();            }            finally            {                closeConnection();            }        }        #endregion        #region 返回指定Sql语句的SqlDataReader,请注意,在使用后请关闭本对象,同时将自动调用closeConnection()来关闭数据库连接方法关闭数据库连接        ///         /// 返回指定Sql语句的SqlDataReader,请注意,在使用后请关闭本对象,同时将自动调用closeConnection()来关闭数据库连接        /// 方法关闭数据库连接        ///         /// 传入的Sql语句        /// 
     
      SqlDataReader对象
             public static SqlDataReader dataReader(string sqlstr)        {            SqlDataReader dr = null;            try            {                openConnection();                cmd.CommandText = sqlstr;                cmd.CommandType = CommandType.Text;                dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);            }            catch            {                try                {                    dr.Close();                    closeConnection();                }                catch                {                }            }            return dr;        }        #endregion        #region (ref)返回指定Sql语句的SqlDataReader,请注意,在使用后请关闭本对象,同时将自动调用closeConnection()来关闭数据库连接方法关闭数据库连接        ///         /// 返回指定Sql语句的SqlDataReader,请注意,在使用后请关闭本对象,同时将自动调用closeConnection()来关闭数据库连接        /// 方法关闭数据库连接        ///         /// 传入的Sql语句        /// 传入的ref DataReader 对象        public static void dataReader(string sqlstr, ref SqlDataReader dr)        {            try            {                openConnection();                cmd.CommandText = sqlstr;                cmd.CommandType = CommandType.Text;                dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);            }            catch            {                try                {                    if (dr != null && !dr.IsClosed)                        dr.Close();                }                catch                {                }                finally                {                    closeConnection();                }            }        }        #endregion        #region 返回指定Sql语句的DataSet        ///         /// 返回指定Sql语句的DataSet        ///         /// 传入的Sql语句        /// 
     
      DataSet
             public static DataSet dataSet(string sqlstr)        {            DataSet ds = new DataSet();            SqlDataAdapter da = new SqlDataAdapter();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(ds);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return ds;        }        //string table 为虚拟表 可以用 搜索的数据库表"name"         //DataSet ds1 = DB.PagedataSet(sqlstr1, AspNetPager1.PageSize * (AspNetPager1.CurrentPageIndex - 1),         //    AspNetPager1.PageSize,"newlist");        //    Repeater1.DataSource = ds1.Tables[0];        public static DataSet PagedataSet(string sqlstr, int pageindex, int pagesize, string table)        {            DataSet ds = new DataSet();            SqlDataAdapter da = new SqlDataAdapter();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(ds, pageindex, pagesize, table);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return ds;        }        #endregion        #region (ref)返回指定Sql语句的DataSet        ///         /// 返回指定Sql语句的DataSet        ///         /// 传入的Sql语句        /// 传入的引用DataSet对象        public static void dataSet(string sqlstr, ref DataSet ds)        {            SqlDataAdapter da = new SqlDataAdapter();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(ds);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }        }        #endregion        #region 返回指定Sql语句的DataTable        ///         /// 返回指定Sql语句的DataTable        ///         /// 传入的Sql语句        /// 
     
      DataTable
             public static DataTable dataTable(string sqlstr)        {            SqlDataAdapter da = new SqlDataAdapter();            DataTable datatable = new DataTable();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(datatable);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return datatable;        }        #endregion        #region 执行指定Sql语句,同时给传入DataTable进行赋值        ///         /// 执行指定Sql语句,同时给传入DataTable进行赋值        ///         /// 传入的Sql语句        /// ref DataTable dt         public static void dataTable(string sqlstr, ref DataTable dt)        {            SqlDataAdapter da = new SqlDataAdapter();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(dt);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }        }        #endregion        #region 执行带参数存储过程并返回数据集合        ///         /// 执行带参数存储过程并返回数据集合        ///         /// 存储过程名称        /// SqlParameterCollection 输入参数        /// 
             public static DataTable dataTable(string procName, SqlParameterCollection parameters)        {            SqlDataAdapter da = new SqlDataAdapter();            DataTable datatable = new DataTable();            try            {                openConnection();                cmd.Parameters.Clear();                cmd.CommandType = CommandType.StoredProcedure;                cmd.CommandText = procName;                foreach (SqlParameter para in parameters)                {                    SqlParameter p = (SqlParameter)para;                    cmd.Parameters.Add(p);                }                da.SelectCommand = cmd;                da.Fill(datatable);            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return datatable;        }        #endregion        #region 返回指定sql语句的 DataView        public static DataView dataView(string sqlstr)        {            SqlDataAdapter da = new SqlDataAdapter();            DataView dv = new DataView();            DataSet ds = new DataSet();            try            {                openConnection();                cmd.CommandType = CommandType.Text;                cmd.CommandText = sqlstr;                da.SelectCommand = cmd;                da.Fill(ds);                dv = ds.Tables[0].DefaultView;            }            catch (Exception e)            {                throw new Exception(e.Message);            }            finally            {                closeConnection();            }            return dv;        }        #endregion             /// 过滤html,js,css代码    ///     /// 过滤html,js,css代码    ///     /// 参数传入    /// 
         public static string CheckStr(string html)    {        System.Text.RegularExpressions.Regex regex1 = new System.Text.RegularExpressions.Regex(@"
     
      ", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex2 = new System.Text.RegularExpressions.Regex(@" href *= *[\s\S]*script. *:", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex3 = new System.Text.RegularExpressions.Regex(@" no[\s\S]*=", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex4 = new System.Text.RegularExpressions.Regex(@"
      
       ", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex5 = new System.Text.RegularExpressions.Regex(@"
       
        ", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex6 = new System.Text.RegularExpressions.Regex(@"\
        
         ]+\>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex7 = new System.Text.RegularExpressions.Regex(@"
         
", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex8 = new System.Text.RegularExpressions.Regex(@"
         
", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        System.Text.RegularExpressions.Regex regex9 = new System.Text.RegularExpressions.Regex(@"<[^>]*>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);        html = regex1.Replace(html, ""); //过滤标记        html = regex2.Replace(html, ""); //过滤href=java script. () 属性 html = regex3.Replace(html, " _disibledevent="); //过滤其它控件的on...事件 html = regex4.Replace(html, ""); //过滤iframe html = regex5.Replace(html, ""); //过滤frameset html = regex6.Replace(html, ""); //过滤frameset html = regex7.Replace(html, ""); //过滤frameset html = regex8.Replace(html, ""); //过滤frameset html = regex9.Replace(html, ""); html = html.Replace(" ", ""); html = html.Replace("", ""); html = html.Replace("", ""); html = html.Replace("'", "'"); return html; } /// 
          /// 传入用户输入判断是不是非法关键字 /// 
          /// 传入用户输入字符判断 /// 
            public static bool sql_immit(String sql_str) {//用#分割关键字 string model_str = "'#and#exec#insert#select#delete#update#count#*#%#chr#mid#master#truncate#char#declare#;#or#-#+#,"; string[] model_split_str = model_str.Split('#'); for (int i = 0; i < model_split_str.Length; i++) { if (sql_str.IndexOf(model_split_str[i]) >= 0) { //>=0说明有关键字,否则说明没有关键字 return true; } } return false; } }}

转载于:https://www.cnblogs.com/Barret/archive/2011/03/29/1998928.html

你可能感兴趣的文章
电商测试环境Jenkins multibranch pipeline实践
查看>>
Android--sos闪光灯
查看>>
关于Google App Engine
查看>>
场和帧的 关系(转)
查看>>
verilog 有符号数(2转)
查看>>
JS命名空间、对象封装
查看>>
自定义HttpFilter模块完善
查看>>
编码上的小改进
查看>>
Conda常见命令
查看>>
【动态规划】Codeforces 706C Hard problem
查看>>
1.4.1 Arithmetic Progressions
查看>>
React Native安装步骤
查看>>
数据转换服务-文本抽出技术
查看>>
GPS导航仪常见术语解释
查看>>
实验七
查看>>
HDU-2028
查看>>
Tomcat支持多少并发
查看>>
远程桌面工具有哪些?
查看>>
POCO 是什么?
查看>>
bzoj 1877 最小费用流
查看>>
喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!-- 愿君每日到此一游!
当前时间: 2024-11-19 17:31:59   当前IP: 18.189.188.8   联系邮箱:javaeecc@qq.com     Copyright © 2020 - 2022 baihongyu.com 京ICP备2021015314号-2
强烈建议你试试无所不能的CHAT-GPT,快点击我
强烈建议你试试无所不能的CHAT-GPT,快点击我