EonaCat Helpers - SqlBuilder - Automatically parameterize sqlQueries - SqlHelper for Sql Injections and Javascript injections in strings - Deadlock Retry Helper

$ dotnet add package EonaCat.Sql

Create SqlBuilder:
SqlHelper.GetBuilder();

Check if the string is safe for web (Sql and Javascript):
// Without errors returned
SqlHelper.IsWebSafe(string input);
// With errors returned
SqlHelper.IsWebSafe(string input, out string errors);
// Only check for Sql injection
SqlHelper.HasSqlInjection(string input, out string errors);
// Only check for Javascript injection
SqlHelper.HasJsInjection(string input, out string errors);

You can also use it as a stringExtension:
if (!input.IsWebSafe())
{
    Console.WriteLine("String is NOT webSafe!");
}

// Each out variable needs its own name when both checks share a scope.
if (input.HasSqlInjection(out string sqlErrors))
{
    Console.WriteLine($"String has Sql injections! {Environment.NewLine} {sqlErrors}");
}

if (input.HasJsInjection(out string jsErrors))
{
    Console.WriteLine($"String has Javascript injections! {Environment.NewLine} {jsErrors}");
}

Deadlock Retry Helper:
SqlHelper.DeadlockRetryHelper(Action action, int maxRetries = 3);
You can also use it as an actionExtension:
myMethodAction.DeadlockRetryHelper(3);
Execute SQL query directly parameterized:
private static void TestsqlServer()
{
    var customerId = "AROUT";

    // Sample connection string; load real credentials from configuration instead of source code.
    using var connection = new Microsoft.Data.SqlClient.SqlConnection(@"Server=localhost;Database=NorthWind;User Id=sa;Password=jeroen;TrustServerCertificate=Yes;");

    // The SQL text is a constant; values are passed separately as parameters.
    var result = SqlHelper.ExecuteQuery(
        connection,
        "SELECT * FROM Customers WHERE CustomerID = @CustomerId AND Country = @Country",
        new Dictionary<string, object>
        {
            { "CustomerId", customerId },
            { "Country", "UK" },
        }
    );

    if (result.HasResult && result.HasRows)
    {
        Console.WriteLine($"Found '{result.TotalRows}' " + ((result.TotalRows > 1) ? "rows" : "row"));
        Console.WriteLine(string.Empty);

        foreach (var record in result.DataSet)
        {
            Console.WriteLine(record.CustomerID);
            Console.WriteLine(record.ContactTitle);
        }
    }
    else
    {
        if (!result.HasResult)
        {
            Console.WriteLine("No valid result!");
        }

        if (!result.HasRows)
        {
            Console.WriteLine("No rows found");
        }

        if (result.HasException)
        {
            Console.WriteLine(result.Exception);
        }
    }

    Console.ReadLine();
}
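
What passing values as parameters means at the ADO.NET level, shown as an added example that is not EonaCat.Sql's own code. The `BuildCommand` helper and the sample input are hypothetical, made up for illustration; the program only builds the command and needs no database.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.Data.SqlClient;

public static class ParameterizedQuerySketch
{
    // Hypothetical helper (not part of EonaCat.Sql): binds each dictionary entry
    // as a SqlParameter so values never become part of the SQL text.
    public static SqlCommand BuildCommand(string sql, IDictionary<string, object> values)
    {
        var command = new SqlCommand(sql);
        foreach (var pair in values)
        {
            // Accept keys with or without the leading '@'.
            var name = pair.Key.StartsWith("@", StringComparison.Ordinal) ? pair.Key : "@" + pair.Key;
            // ADO.NET expects DBNull.Value, not null, for SQL NULL.
            command.Parameters.AddWithValue(name, pair.Value ?? DBNull.Value);
        }
        return command;
    }

    public static void Main()
    {
        const string sql =
            "SELECT * FROM Customers WHERE CustomerID = @CustomerId AND Country = @Country";

        // Constructed sample input containing SQL metacharacters.
        var customerId = "AROUT' OR '1'='1";

        // Concatenation: the input rewrites the statement the server will parse.
        var concatenated = "SELECT * FROM Customers WHERE CustomerID = '" + customerId + "'";
        Console.WriteLine("Concatenated:  " + concatenated);

        // Parameterized: the statement text is fixed; the input travels as a typed value.
        using var command = BuildCommand(sql, new Dictionary<string, object>
        {
            { "CustomerId", customerId },
            { "Country", "UK" },
        });
        Console.WriteLine("Parameterized: " + command.CommandText);
        foreach (SqlParameter p in command.Parameters)
        {
            Console.WriteLine($"  {p.ParameterName} ({p.SqlDbType}) = {p.Value}");
        }
    }
}
```

String checks such as `IsWebSafe` are best used as an additional input filter; the parameter binding is what keeps the statement structure fixed.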