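/// <summary>
/// Registers a new user account.
/// </summary>
/// <param name="userName">User name.</param>
/// <param name="pwd">Password value written to the [Password] column.</param>
/// <returns>
/// <c>true</c> when the INSERT affected at least one row; <c>false</c> when the input
/// is rejected by the filter, the user name already exists, or a database command fails.
/// </returns>
public static bool Register(string userName, string pwd)
{
    // Input filter kept from the original so previously rejected input stays rejected.
    // Per the original comment it is meant to stop SQL injection, but a filter of this
    // kind is only defence in depth: the queries below bind values as parameters and
    // no longer depend on it.
    if (StringHelper.CheckSqlString(userName) || StringHelper.CheckSqlString(pwd))
    {
        return false;
    }

    using (SqlConnection conn = SqlClientHelper.CreateConn())
    {
        SqlClientHelper.Open(conn);

        try
        {
            // Does the account already exist? The user name is bound as a parameter,
            // never concatenated into the statement text.
            using (var lookup = conn.CreateCommand())
            {
                lookup.CommandText = "SELECT [UserName] FROM [User] WHERE [UserName] = @userName";
                lookup.Parameters.AddWithValue("@userName", userName);

                // ExecuteScalar returns null when the query yields no row.
                if (lookup.ExecuteScalar() != null)
                {
                    return false;
                }
            }

            // NOTE(review): check-then-insert is not atomic; two concurrent registrations
            // of the same name can both pass the lookup. Presumably [User].[UserName]
            // should carry a unique constraint — confirm against the schema.
            //
            // NOTE(review): pwd is stored exactly as supplied. If callers pass the raw
            // password, it ends up in clear text in the table; hash it with a salted KDF
            // (e.g. PBKDF2) before storage. Not changed here because the login path
            // would have to change with it.
            using (var insert = conn.CreateCommand())
            {
                insert.CommandText =
                    "INSERT INTO [User] ([Username], [Password], [Coin]) VALUES (@userName, @pwd, 0)";
                insert.Parameters.AddWithValue("@userName", userName);
                insert.Parameters.AddWithValue("@pwd", pwd);

                return insert.ExecuteNonQuery() > 0;
            }
        }
        catch (System.Data.Common.DbException)
        {
            // Keep the boolean contract: a failed command (for example a constraint
            // violation) is reported as an unsuccessful registration.
            return false;
        }
    }
}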
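/// <summary>
/// Lists the full contents of the [User] table as a single string.
/// </summary>
/// <returns>
/// One segment per row, each column value followed by "|" and each row terminated by
/// "&lt;br&gt;"; <c>null</c> when the query returns no list or an empty list.
/// </returns>
public static string List()
{
    // The using block disposes the connection even when the query or the formatting
    // loop throws; the original leaked it on that path. Dispose also closes an open
    // connection, so no explicit Close() is needed.
    using (SqlConnection conn = SqlClientHelper.CreateConn())
    {
        // NOTE(review): SELECT * also returns the [Password] column that Register writes,
        // so every stored password appears in the output. Select only the columns the
        // caller needs once the consumers of this string are known.
        ArrayList rows = SqlClientHelper.ExecuteReader(conn, "SELECT * FROM [User]");

        if (rows == null || rows.Count == 0)
        {
            return null;
        }

        StringBuilder sb = new StringBuilder();
        foreach (Dictionary<string, string> row in rows)
        {
            // Columns are looked up by their ordinal position rendered as a string key.
            for (int i = 0; i < row.Count; i++)
            {
                string value;
                row.TryGetValue(i.ToString(), out value);

                // NOTE(review): values are appended without encoding next to a literal
                // "<br>". If this string is rendered as HTML, user-controlled columns such
                // as the user name become a stored-XSS vector — HTML-encode at the point
                // of rendering.
                sb.Append(value + "|");
            }

            sb.Append("<br>");
        }

        return sb.ToString();
    }
}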