我正在设置一个来自C#应用程序的mysql连接,但我只是想知道这段代码是否提供了某种针对连接字符串黑客的安全性?我只是不想将连接凭据暴露给他们太多易受伤害
protected MySqlConnection connection;
protected string server;
protected string database;
protected string uid;
protected string password;
//Initialize values
private void Initialize()
{
server = "localhost";
database = "databaseName";
uid = "username";
password = "password";
var connectionString = string.Empty;
connectionString = "SERVER=" + server + ";" + "DATABASE=" + database + ";" + "UID=" + uid + ";" + "PASSWORD=" + password + ";";
connection = new MySqlConnection(connectionString.ToString());
}
//open connection to database
private bool OpenConnection()
{
try
{
connection.Open();
return true;
}
catch (MySqlException ex)
{
//When handling errors, you can your application's response based on the error number.
//The two most common error numbers when connecting are as follows:
//0: Cannot connect to server.
//1045: Invalid user name and/or password.
switch (ex.Number)
{
case 0:
MessageBox.Show("Cannot connect to server. Contact administrator");
break;
case 1045:
MessageBox.Show("Invalid username/password, please try again");
break;
}
return false;
}
}
感谢。