Removed almost everything. cant have execution function in case of SQL injection techniques
This commit is contained in:
parent
74f6359f77
commit
1b3f83d9e1
1 changed files with 8 additions and 37 deletions
|
@ -11,51 +11,22 @@ namespace Saviour_Backup_System
|
|||
{
|
||||
class databaseTools
|
||||
{
|
||||
private static string databaseName = "db.sdf";
|
||||
public static void initDatabase()
|
||||
private static SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
||||
public static string databaseName = "db.sdf";
|
||||
|
||||
|
||||
private static void executeSQL(string sqlCode)
|
||||
{
|
||||
try{
|
||||
if (!File.Exists(databaseName))
|
||||
{
|
||||
SqlCeEngine SQLEngine = new SqlCeEngine("Data Source = " + databaseName);
|
||||
SQLEngine.CreateDatabase(); //Creates the database if it doesnt exist already
|
||||
|
||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
||||
conn.Open();
|
||||
SqlCeCommand cmd = conn.CreateCommand();
|
||||
|
||||
cmd.CommandText = "CREATE TABLE Rules (%%)"; //Fill these in! (Before running)
|
||||
cmd.ExecuteNonQuery();
|
||||
}
|
||||
}
|
||||
catch (Exception err) { MessageBox.Show("An Error has occured: \n" + err.ToString()); }
|
||||
}
|
||||
public static string executeSQLQuery(string sqlCode)
|
||||
{
|
||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
||||
conn.Open();
|
||||
SqlCeCommand cmd = conn.CreateCommand();
|
||||
cmd.CommandText = sqlCode;
|
||||
SqlCeDataReader reader = cmd.ExecuteReader();
|
||||
while (reader.Read())
|
||||
{
|
||||
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
public static void executeSQL(string sqlCode)
|
||||
{
|
||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
||||
conn.Open();
|
||||
SqlCeCommand cmd = conn.CreateCommand();
|
||||
cmd.CommandText = sqlCode;
|
||||
cmd.ExecuteNonQuery();
|
||||
}
|
||||
|
||||
public static void clearTable(string tableName)
|
||||
|
||||
public static void clearBackups(string tableName)
|
||||
{
|
||||
executeSQL("DELETE FROM " + tableName + ";");
|
||||
executeSQL("DELETE FROM Rules;");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Reference in a new issue