一.Sql注入实例
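using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace ConsoleApp5
{
    /// <summary>
    /// Deliberately VULNERABLE login check, kept as the SQL-injection example for this page.
    /// The user name and password typed on the console are concatenated straight into the
    /// SQL text, so a quote character in either input terminates the string literal and the
    /// rest of the input is parsed by the server as SQL rather than as data.
    /// Do not copy this pattern into real code; the parameterized listing further down the
    /// page is the correct form.
    /// </summary>
    class Program
    {
        static void Main(string[] args)
        {
            // Connection string built with the builder: Windows (integrated) auth, so no
            // credentials are embedded in source.
            SqlConnectionStringBuilder strConn = new SqlConnectionStringBuilder();
            strConn.DataSource = "DESKTOP-0MBGCKA\\SQL2016";
            strConn.InitialCatalog = "Login";
            strConn.IntegratedSecurity = true;

            using (SqlConnection conn = new SqlConnection(strConn.ConnectionString))
            {
                Console.WriteLine("请输入用户名:");
                var username = Console.ReadLine();
                Console.WriteLine("请输入密码:");
                var password = Console.ReadLine();

                try
                {
                    // INJECTION POINT (intentional for this demo): untrusted input is spliced
                    // into the query text. Note also that the raw password is compared against
                    // the 'word' column, which suggests passwords are stored in clear text;
                    // a real system stores a salted hash and verifies it in application code.
                    string strSql = "select count(*) from users where (name='" + username + "') and (word='" + password + "')";

                    // SqlCommand is IDisposable; dispose it like the connection.
                    using (SqlCommand cmd = new SqlCommand(strSql, conn))
                    {
                        conn.Open();
                        int row = (int)cmd.ExecuteScalar();

                        // count(*) > 0 means at least one row matched the (injectable) predicate.
                        if (row > 0)
                        {
                            Console.WriteLine("登陆成功");
                        }
                        else
                        {
                            Console.WriteLine("登录失败");
                        }
                    }
                }
                catch (Exception ex)
                {
                    // Echoing the provider's message is fine for a console demo, but in anything
                    // user-facing it leaks server/schema detail that helps an attacker refine
                    // an injection payload.
                    Console.WriteLine("\nError:\n{0}", ex.Message);
                }
            }

            Console.Read();
        }
    }
}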
SQL注入的原理：程序把用户输入直接拼接进SQL文本，输入中的单引号会提前结束字符串字面量、破坏原有语句的结构，于是输入中剩余的部分就会被数据库当作SQL代码（而不是数据）执行。
二.Parameter对象
防止SQL注入的原理：SQL文本和参数值分开发送给数据库，语句结构先由带占位符（如 @username）的文本确定，用户输入只作为参数的数据值绑定进去，无论其中包含什么引号或SQL关键字都无法改变语句结构，因此不会被当作SQL代码执行。需要注意：参数只能绑定值，不能替换表名、列名、ORDER BY 等标识符，这些位置若来自用户输入仍需白名单校验；参数化也不解决其他问题，例如本例中 word 列直接与输入的密码比较，看上去是明文保存密码，实际系统应存储加盐哈希并在应用层校验。
实例:
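using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace ConsoleApp5
{
    /// <summary>
    /// Login check using SqlParameter objects — the injection-safe counterpart of the
    /// concatenated example earlier on this page.
    /// The SQL text contains only placeholders (@username, @password); the values typed on
    /// the console are sent to the server separately as typed parameter data, so no quote
    /// or keyword in the input can alter the statement's structure.
    /// Parameters only bind values: table/column names or ORDER BY terms taken from user
    /// input still need an allow-list. The password is still compared against the stored
    /// 'word' column as-is, which looks like clear-text storage; a real system stores a
    /// salted hash and verifies it in application code.
    /// </summary>
    class Program
    {
        static void Main(string[] args)
        {
            // Connection string built with the builder: Windows (integrated) auth, so no
            // credentials are embedded in source.
            SqlConnectionStringBuilder strConn = new SqlConnectionStringBuilder();
            strConn.DataSource = "DESKTOP-0MBGCKA\\SQL2016";
            strConn.InitialCatalog = "Login";
            strConn.IntegratedSecurity = true;

            using (SqlConnection conn = new SqlConnection(strConn.ConnectionString))
            {
                Console.WriteLine("请输入用户名:");
                // ReadLine returns null on end-of-input; a null parameter value would make
                // SqlClient throw "parameter not supplied", so treat it as an empty string.
                var username = Console.ReadLine() ?? string.Empty;
                Console.WriteLine("请输入密码:");
                var password = Console.ReadLine() ?? string.Empty;

                try
                {
                    // Explicitly typed parameters. The column sizes are not visible here, so
                    // the size is left for the provider to infer from the value; if the schema
                    // declares e.g. nvarchar(20), pass that size as the third constructor
                    // argument so plan caching is stable.
                    SqlParameter[] paras = new SqlParameter[]
                    {
                        new SqlParameter("@username", SqlDbType.NVarChar),
                        new SqlParameter("@password", SqlDbType.NVarChar)
                    };
                    paras[0].Value = username;
                    paras[1].Value = password;

                    // Only placeholders appear in the query text — never the input itself.
                    string strSql = "Select count(*) from users where name= @username and word= @password";

                    // SqlCommand is IDisposable; dispose it like the connection.
                    using (SqlCommand cmd = new SqlCommand(strSql, conn))
                    {
                        cmd.Parameters.Add(paras[0]);
                        cmd.Parameters.Add(paras[1]);
                        conn.Open();
                        int row = (int)cmd.ExecuteScalar();

                        // count(*) > 0 means at least one row matched both values.
                        if (row > 0)
                        {
                            Console.WriteLine("登录成功");
                        }
                        else
                        {
                            Console.WriteLine("登录失败");
                        }
                    }
                }
                catch (Exception ex)
                {
                    // Echoing the provider's message is fine for a console demo, but in anything
                    // user-facing it leaks server/schema detail.
                    Console.WriteLine("\nError:\n{0}", ex.Message);
                }
            }

            Console.ReadLine();
        }
    }
}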