Beispiel #1
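        /// <summary>
        /// Registers a new account: looks the user name up in [User] and, when no
        /// row matches, inserts a row with the given name, password and a Coin of 0.
        /// </summary>
        /// <param name="userName">Requested user name.</param>
        /// <param name="pwd">Password to store for the account.</param>
        /// <returns>
        /// <c>true</c> when exactly one row was inserted; <c>false</c> when an argument
        /// is null, an input is rejected by <c>StringHelper.CheckSqlString</c>, the name
        /// is already taken, or the database reports an error.
        /// </returns>
        public static bool Register(string userName, string pwd)
        {
            // A null parameter value would make the command fail, so reject it up front.
            if (userName == null || pwd == null)
            {
                return false;
            }

            // Kept so the set of accepted inputs stays what callers already see.
            // This keyword/character filter is NOT the injection defence; the
            // parameterized commands below are.
            // NOTE(review): filtering the password narrows the usable password space; confirm it is still wanted.
            if (StringHelper.CheckSqlString(userName) || StringHelper.CheckSqlString(pwd))
            {
                return false;
            }

            using (SqlConnection conn = SqlClientHelper.CreateConn())
            {
                SqlClientHelper.Open(conn);

                try
                {
                    // Values travel as parameters, never as part of the SQL text.
                    using (SqlCommand lookup = new SqlCommand(
                        "SELECT [UserName] FROM [User] WHERE [UserName] = @userName", conn))
                    {
                        lookup.Parameters.AddWithValue("@userName", userName);

                        // ExecuteScalar returns null when no row matches, i.e. the name is free.
                        if (lookup.ExecuteScalar() != null)
                        {
                            return false;
                        }
                    }

                    // NOTE(review): check-then-insert is not atomic; two concurrent calls can both
                    // pass the lookup. A UNIQUE constraint on [User].[UserName] would close that
                    // gap (not visible from this file, so confirm).
                    // NOTE(review): the password is stored exactly as received. It should be stored
                    // as a salted, slow hash (e.g. PBKDF2), changed together with the login check.
                    using (SqlCommand insert = new SqlCommand(
                        "INSERT INTO [User] ([Username], [Password], [Coin]) VALUES (@userName, @pwd, 0)", conn))
                    {
                        insert.Parameters.AddWithValue("@userName", userName);
                        insert.Parameters.AddWithValue("@pwd", pwd);
                        return insert.ExecuteNonQuery() == 1;
                    }
                }
                catch (SqlException)
                {
                    // The method reports failure through its bool result. The previous code
                    // mapped the helper's -1 result to false, presumably its error signal.
                    return false;
                }
            }
        }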
Beispiel #2
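        /// <summary>
        /// Lists every row of the [User] table as an HTML fragment: the values of a
        /// row are separated by "|" and each row is terminated by "&lt;br&gt;".
        /// </summary>
        /// <returns>
        /// The formatted rows, or <c>null</c> when the query yields no list or an empty one.
        /// </returns>
        public static string List()
        {
            // using releases the connection on every path, including when the query
            // or the formatting throws; Dispose also closes an open connection.
            // NOTE(review): unlike Register, this method never calls SqlClientHelper.Open;
            // presumably ExecuteReader opens the connection itself. Confirm.
            using (SqlConnection conn = SqlClientHelper.CreateConn())
            {
                // NOTE(review): SELECT * also returns the [Password] column that Register writes,
                // so this output discloses every stored password. Select only the columns the
                // caller needs and restrict who can reach this method.
                ArrayList list = SqlClientHelper.ExecuteReader(conn, "SELECT * FROM [User]");

                if (list == null || list.Count == 0)
                {
                    return null;
                }

                StringBuilder sb = new StringBuilder();
                foreach (Dictionary<string, string> dic in list)
                {
                    // Each row is read by the keys "0", "1", ... up to dic.Count - 1
                    // (presumably the column ordinal; verify against ExecuteReader).
                    for (int i = 0; i < dic.Count; i++)
                    {
                        string value;
                        dic.TryGetValue(i.ToString(), out value);

                        // The result is HTML (rows end in <br>) and the values are user-supplied
                        // data, so encode them to keep stored markup from being rendered.
                        sb.Append(System.Net.WebUtility.HtmlEncode(value) + "|");
                    }
                    sb.Append("<br>");
                }

                return sb.ToString();
            }
        }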