注意代码上的注释,它们解释了我所做的更改。
// No point of passing a bool if all you do is return it… private bool CheckDatabase(string databaseName) { // You kNow it’s a string, use var var connString = “Server=localhost\sqlEXPRESS;Integrated Security=SSPI;database=master”; // Note: It’s better to take the connection string from the config file.
var cmdText = "select count(*) from master.dbo.sysdatabases where name=@database";
using (var sqlConnection = new sqlConnection(connString))
{
using (var sqlCmd = new sqlCommand(cmdText, sqlConnection))
{
// Use parameters to protect against sql Injection
sqlCmd.Parameters.Add("@database", System.Data.sqlDbType.NVarChar).Value = databaseName;
// Open the connection as late as possible
sqlConnection.open();
// count(*) will always return an int, so it's safe to use Convert.ToInt32
return Convert.ToInt32( sqlCmd.ExecuteScalar()) == 1;
}
}
}