Removed almost everything. cant have execution function in case of SQL injection techniques
This commit is contained in:
parent
74f6359f77
commit
1b3f83d9e1
1 changed files with 8 additions and 37 deletions
|
|
@ -11,51 +11,22 @@ namespace Saviour_Backup_System
|
||||||
{
|
{
|
||||||
class databaseTools
|
class databaseTools
|
||||||
{
|
{
|
||||||
private static string databaseName = "db.sdf";
|
private static SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
||||||
public static void initDatabase()
|
public static string databaseName = "db.sdf";
|
||||||
|
|
||||||
|
|
||||||
|
private static void executeSQL(string sqlCode)
|
||||||
{
|
{
|
||||||
try{
|
|
||||||
if (!File.Exists(databaseName))
|
|
||||||
{
|
|
||||||
SqlCeEngine SQLEngine = new SqlCeEngine("Data Source = " + databaseName);
|
|
||||||
SQLEngine.CreateDatabase(); //Creates the database if it doesnt exist already
|
|
||||||
|
|
||||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
|
||||||
conn.Open();
|
|
||||||
SqlCeCommand cmd = conn.CreateCommand();
|
|
||||||
|
|
||||||
cmd.CommandText = "CREATE TABLE Rules (%%)"; //Fill these in! (Before running)
|
|
||||||
cmd.ExecuteNonQuery();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch (Exception err) { MessageBox.Show("An Error has occured: \n" + err.ToString()); }
|
|
||||||
}
|
|
||||||
public static string executeSQLQuery(string sqlCode)
|
|
||||||
{
|
|
||||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
|
||||||
conn.Open();
|
|
||||||
SqlCeCommand cmd = conn.CreateCommand();
|
|
||||||
cmd.CommandText = sqlCode;
|
|
||||||
SqlCeDataReader reader = cmd.ExecuteReader();
|
|
||||||
while (reader.Read())
|
|
||||||
{
|
|
||||||
|
|
||||||
}
|
|
||||||
return "";
|
|
||||||
}
|
|
||||||
|
|
||||||
public static void executeSQL(string sqlCode)
|
|
||||||
{
|
|
||||||
SqlCeConnection conn = new SqlCeConnection("Data Source = " + databaseName);
|
|
||||||
conn.Open();
|
conn.Open();
|
||||||
SqlCeCommand cmd = conn.CreateCommand();
|
SqlCeCommand cmd = conn.CreateCommand();
|
||||||
cmd.CommandText = sqlCode;
|
cmd.CommandText = sqlCode;
|
||||||
cmd.ExecuteNonQuery();
|
cmd.ExecuteNonQuery();
|
||||||
}
|
}
|
||||||
|
|
||||||
public static void clearTable(string tableName)
|
|
||||||
|
public static void clearBackups(string tableName)
|
||||||
{
|
{
|
||||||
executeSQL("DELETE FROM " + tableName + ";");
|
executeSQL("DELETE FROM Rules;");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Reference in a new issue