LinQ C#防注入式攻擊實例代碼

注入式攻擊是Web開放項目中開發人員的第一時間要考慮的問題，下面就個人開發實例分享給你們，有用的的話就點個贊吧。

 1 定義賬戶信息類
 2 public class UserInfors
 3 {
 4     public string EmployeeID { get; set; }
 5     public string UserName { get; set; }
 6     public string PassWord { get; set; }
 7         /// <summary>
 8         /// 重寫Object類的ToString()方法
 9         /// </summary>
10         /// <returns></returns>
11         public override string ToString()
12         {
13              return string.Format("賬號：{0},姓名：{1},密碼：{2}",
14                 this.EmployeeID,
15                 this.UserName,
16                 this.PassWord);
17         }
18 }
19 
20 使用LinQ進行用戶信息驗證
21 DataTable Users;
22         Users = ds.Tables[0];
23         //創建一個學生集合
24         List<UserInfors> list = new List<UserInfors>();
25         foreach (DataRow dr in Users.Rows)
26         {
27             list.Add(new UserInfors()
28             {
29                 EmployeeID = dr["EmployeeID"].ToString(),
30                 UserName = dr["UserName"].ToString(),
31                 PassWord =dr["PassWord"].ToString(),
32             });        
33         }
34         var result = from r in list
35                      where r.EmployeeID == userid  && r.PassWord == password
36                      select r;
37         if (result.Count() > 0)
38         {
39             string name="";
40             foreach (var ci in result)
41             {
42                name= ci.UserName;
43             }
44 
45             Session.Add("UsersName", name);
46             Session.Timeout = 20;
47             Response.Clear();
48             Response.Write(name);
49             Response.End();
50         }

View Code