public static string CreateCheckLogonSql(string userName, string Password) { return(string.Format("SELECT COUNT(*) FROM USER_TABLE WHERE USERID={0} AND PASSWORD={1}", BaseDatabaseWarpper.GetSafeString(userName), BaseDatabaseWarpper.GetSafeString(Password))); }
public static string CreateRegisterUserInsertSql(string userName, string Password) { BaseDatabaseWarpper.CheckParamter("userName", userName); BaseDatabaseWarpper.CheckParamter("Password", Password); return(string.Format("INSERT INTO USER_TABLE (USERID,PASSWORD) VALUES ({0},{1})", BaseDatabaseWarpper.GetSafeString(userName), BaseDatabaseWarpper.GetSafeString(getSafePassword(Password)))); }