I have a string that contains a login, database, and a password.
string str = "user Id=abc, database=DDD, Password=mypasswd"
I want to be able to replace the database value "DDD" with a different value.
I tried using the string.Replace, but I won't know what the existing database will be.
Does anyone know of a simple solution?
Following is the only recommended way by MSDN to prevent Connection String Injection Attacks
http://msdn.microsoft.com/en-us/library/ms254947.aspx
// cs stores previous connection string which came from config
System.Data.SqlClient.SqlConnectionStringBuilder builder =
new System.Data.SqlClient.SqlConnectionStringBuilder(cs);
builder.InitialCatalog = "NEWDB";
// you get your database name replaced properly...
cs = builder.ToString();
Based on the type of database or database driver, you have to use different class, for MySql it should be MySqlConnectionStringBuilder and name of property might be Database.
One alternative is to use a Regex, this would do the replace for you:
using System.Text.RegularExpressions;
string cStr = "user Id=abc, database=DDD, Password=mypasswd";
Console.WriteLine(cStr);
Regex r = new Regex("(?<=database=)(.+?)(?=,)");
cStr = r.Replace(cStr, "NewDatabaseName");
Console.WriteLine(cStr);
NOTE: this was compiled, run, and proven with scriptcs
so it's fairly droppable into your solution.
How about using String.Format ?
string username = "abc";
string database = "myDB";
string password = "my_pw";
string str = String.Format("user Id={0}, database={1}, Password={2}",
username, database, password);
You could then load these values (or even the whole connection string) from a configuration file.
Regexes are also an option:
string str = "user Id=abc, database=DDD, Password=mypasswd",
newDatabase = "newDb";
Console.WriteLine( Regex.Replace( str, @"(?<=database=)(.*?)(?=,)", m => newDatabase ) );
Split the string at the comma separator, then take the second index of the resulting array, split at the equal separator, substitute the second element, then recombine all
string str = "user Id=abc, database=DDD, Password=mypasswd";
string[] parts = str.Split(',');
string[] dbparts = parts[1].Split('=');
dbparts[1] = "new_database_name";
parts[1] = string.Join("=", dbparts);
string final = string.Join(", ", parts);
and, well, with a bit of error checking would be safer.
Same as above but if you are fun of LINQ
string str = "user Id=abc, database=DDD, Password=mypasswd";
var q = from part in str.Split(new[] {','})
let trimedPart= part.Trim()
let replacedPart =trimedPart.StartsWith("database=")?trimedPart.Replace("DDD","newValue"):trimedPart
select replacedPart;
var newConStr = q.Aggregate((current, next) => current + "," + next);
These solutions are all great, but doesn't one long and confusing line have a certain elegance?
"user Id=abc, database=DDD, Password=mypasswd".Substring(0, "user Id=abc, database=DDD, Password=mypasswd".IndexOf("database=")) + "database=" + "[YOUR VALUE HERE]" + ", " + "user Id=abc, database=DDD, Password=mypasswd".Substring("user Id=abc, database=DDD, Password=mypasswd".IndexOf("Password="))
Output: user Id=abc, database=[YOUR VALUE HERE], Password=mypasswd
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.