I am currently struggling with the database with MySQL database. The thing is that it uses the load of memory (as I have found anywhere on the net, when you are using Detector, instead of using approximately 4x memory). What I was thinking was that to create a function that would use DataReader for the SQL Selection command.
What I'm currently thinking (example):
public zero GetData (string name, string aliases, string company) {string select comand = " "; Choose Commands + = "Select - Setable"; If (txtName.Text! = "" || txtSurname.Text! = "" || txtCompany.Text! = "") Select COMMAND + = "WHERE"; If (txtName.Text! = "") Select COMAND + = "name =" + txtName.Text + ""; If (txtSurname.Text! = "") Select COMAND + = "SERNAM =" + txtSurname.Text + ""; If (txtCompany) select COMAND + = "company =" + txtCompany.Text + ""; MySqlDataAdapter Data Adapter = New MySqlDataAdapter (Selection Commands + ";", Conn.); /// etc ...} But I think this is a wrong way. First of all, the second thing I'm not using parametrs is that it looks kind of dirty. Can anyone give some suggestions?
This is definitely a SQL injection attack that is waiting ...
Comments
Post a Comment