ADO.NET 完整的修改和删除

namespace 完整修改
{
class Program
{
static void Main(string[] args)
{
bool has = false;

Console.Write("请输入要修改的用户名：");
string Uname = Console.ReadLine();

SqlConnection conn = new SqlConnection("server=.;database=Data0720;user=sa;pwd=123");
SqlCommand cmd = conn.CreateCommand();
cmd.CommandText = "select *from Users where UserName='" + Uname + "'";
conn.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.HasRows)
{
has = true;
}
conn.Close();

if (has)
{
Console.WriteLine("已经查到[" + Uname + "]用户信息，请进行修改");
Console.Write("请输入修改后的密码：");
string Pwd = Console.ReadLine();
Console.Write("请输入修改后的昵称：");
string Nname = Console.ReadLine();
Console.Write("请输入修改后的性别：");
string Sex = Console.ReadLine();
Console.Write("请输入修改后的生日：");
string Birthday = Console.ReadLine();
Console.Write("请输入修改后的民族：");
string Nation = Console.ReadLine();

//@key 占位符
cmd.CommandText = " update Users set PassWord=@pwd,NickName=@nname,Sex=@sex,Birthday=@bir,Nation=@nat where UserName=@uname;";
cmd.Parameters.Clear();
cmd.Parameters.Add("@pwd", Pwd);
cmd.Parameters.Add("@nname",Nname);
cmd.Parameters.Add("@sex", (Sex=="男")?"1":"0");
cmd.Parameters.Add("@bir", Birthday);
cmd.Parameters.Add("@nat", Nation);
cmd.Parameters.Add("@uname", Uname);

conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
Console.WriteLine("修改完毕！");
}
else
{
Console.WriteLine("未查到[" + Uname + "]用户信息，请确认用户名输入是否正确！");
}

Console.ReadLine();

}

}
}

namespace 完整修改删除_数据库字符串攻击
{
class Program
{
static void Main(string[] args)
{
bool has = false;

Console.Write("请输入要删除的用户名：");
string Uname = Console.ReadLine();

if (has)
{
Console.WriteLine("已经查到[" + Uname + "]用户信息，是否确定要删除吗？（Y/N）：");
string u = Console.ReadLine();
if (u.ToUpper() == "Y")//确定删除
{
cmd.CommandText = "delete from Users where UserName='" + Uname + "'";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
Console.WriteLine(Uname + "删除成功！");
}
}
else
{
Console.WriteLine("未查到[" + Uname + "]用户信息，请确认用户名输入是否正确！");
}

Console.ReadLine();
}
}
}

ADO.NET 完整的修改和删除

推荐阅读