static void prepare() { using (var db = new OwaspExampleDataContext("Data Source=(local);Initial Catalog=OwaspExample;Integrated Security=True")) { db.ExecuteCommand("delete from Cars"); db.ExecuteCommand("delete from PrivateData"); var pd1 = new PrivateData(); pd1.Username = "******"; pd1.Secret = "Secreto de la vida, el universo y de todo: 42"; db.PrivateDatas.InsertOnSubmit(pd1); var pd2 = new PrivateData(); pd2.Username = "******"; pd2.Secret = "Secreto de la vida, el universo y de todo: 44"; db.PrivateDatas.InsertOnSubmit(pd2); var car1 = new Car(); car1.CarName = "Bugatti Beyron"; db.Cars.InsertOnSubmit(car1); var car2 = new Car(); car2.CarName = "Ferrari FXX"; db.Cars.InsertOnSubmit(car2); db.SubmitChanges(); } }
static void viewData() { using (var db = new OwaspExampleDataContext("Data Source=(local);Initial Catalog=OwaspExample;Integrated Security=True")) { var cars = (from c in db.Cars select c).ToList(); cars.ForEach( c => Console.WriteLine(c.CarName)); var secrets = (from s in db.PrivateDatas select s).ToList(); secrets.ForEach(s => Console.WriteLine("Usuario: " + s.Username + " Secreto: " + s.Secret)); } }
static void linq() { using (var db = new OwaspExampleDataContext("Data Source=(local);Initial Catalog=OwaspExample;Integrated Security=True")) { string carToInsert = "' DELETE PrivateData --"; var existentCar = (from c in db.Cars where c.CarName == carToInsert select c) .SingleOrDefault(); if(existentCar != null) return; var newCar = new Car(); newCar.CarName = carToInsert; db.Cars.InsertOnSubmit(newCar); db.SubmitChanges(); } }