static void Main(string[] args) { using (var context = new NorthwindClassesDataContext()) { var employees = context.Employees //.Where(e => e.BirthDate.Value.Year > 1950) .OrderBy(e => e.FirstName) .Select(e => new { e.EmployeeID, e.FirstName, e.LastName }) .ToList(); foreach (var e in employees) { Console.WriteLine($"Id: {e.EmployeeID} - {e.FirstName, 10} {e.LastName, 10}"); } //var employee = context.Employees.First(); //employee.FirstName = "Stanislaus"; //context.SubmitChanges(); // in EntityFramework: context.SaveChanges() //var newEmployee = new Employee //{ // FirstName = "theNewOne", // LastName = "Maier" //}; //context.Employees.InsertOnSubmit(newEmployee); // in EntityFramework: cotnext.Employees.Add(employee) //context.SubmitChanges(); //var employeeToDelete = context.Employees.SingleOrDefault(e => e.FirstName == "theNewOne" && e.LastName == "Maier"); //context.Employees.DeleteOnSubmit(employeeToDelete); // in EntityFramework: context.Employees.Remove(employee) //context.SubmitChanges(); } Console.ReadLine(); }
private void UsingLinqToSql() { var catID = Request.QueryString["CategoryID"]; var connString = WebConfigurationManager.ConnectionStrings["NorthwindConnectionString"].ConnectionString; var dc = new NorthwindClassesDataContext(connString); var catIDInt = Convert.ToInt16(catID); grdProducts.DataSource = dc.Products.Where(p => p.CategoryID == catIDInt); grdProducts.DataBind(); }
// PART 1 - insecure public VulnerableApp.ORM.ServiceProduct GetProductDetails(int param) { // Add your operation implementation here var productID = param; var connString = WebConfigurationManager.ConnectionStrings["NorthwindConnectionString"].ConnectionString; var dc = new NorthwindClassesDataContext(connString); Product product = dc.Products.Where(p => p.ProductID == productID).FirstOrDefault(); return(new ServiceProduct(product)); }
//// PART 2 - Secure //public VulnerableApp.ORM.ServiceProduct GetProductDetails(int param) //{ // Product product = new Product() {ProductID=0, ProductName = "You do not have succficient privileges to get details", QuantityPerUnit = "" }; // if (CanCurrentUserAccessProductDetails()) // { // // Add your operation implementation here // var productID = param; // var connString = WebConfigurationManager.ConnectionStrings["NorthwindConnectionString"].ConnectionString; // var dc = new NorthwindClassesDataContext(connString); // product = dc.Products.Where(p => p.ProductID == productID).FirstOrDefault(); // } // return new ServiceProduct(product); //} // PART 3 - Secure with indirect reference map public VulnerableApp.ORM.ServiceProduct GetProductDetails(Guid param) { Product product = new Product() { ProductID = 0, ProductName = "You do not have succficient privileges to get details", QuantityPerUnit = "" }; if (CanCurrentUserAccessProductDetails()) { // Add your operation implementation here var productID = VulnerableApp.HelperClasses.IndirectReferenceMap.GetDirectReference(param); var connString = WebConfigurationManager.ConnectionStrings["NorthwindConnectionString"].ConnectionString; var dc = new NorthwindClassesDataContext(connString); product = dc.Products.Where(p => p.ProductID == productID).FirstOrDefault(); } return(new ServiceProduct(product)); }
public void Initialize() { context = new NorthwindClassesDataContext(); context.ObjectTrackingEnabled = withTracking; }
//public ActionResult Add_Pr() //{ // return View(); //} //public ActionResult DropDownMenu2() //{ // DataClasses2DataContext context = new DataClasses2DataContext(); // return View(context.Misi_Partners); //} public ActionResult CreateDoc() { NorthwindClassesDataContext context = new NorthwindClassesDataContext(); return(View(context.Products)); }