首页 > 代码库 > asp.net LINQ防止SQL注入式攻击

asp.net LINQ防止SQL注入式攻击

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Configuration;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string name = txtUserName.Text;
        string pass = txtPass.Text;
        DataClassesDataContext lqDB = new DataClassesDataContext();
        var result = from v in lqDB.tbUser
                     where v.username == name && v.userpass.ToString() == pass
                     select v;
        if (result.Count() > 0)
        {
            Page.ClientScript.RegisterStartupScript(GetType(),"","alert(‘登录成功‘)",true);
        }
        else
        {
            Page.ClientScript.RegisterStartupScript(GetType(),"","alert(‘登录失败‘)",true);
        }
    }
}

技术分享

 

asp.net LINQ防止SQL注入式攻击