在会话中保持连接字符串是一个好习惯。 [英] keeping connection string in session is a good practice or not.?

问题描述

我正在使用类文件来创建连接以及执行查询。从类文件中我在 session 中分配连接字符串。是不是错误的做法？是否会导致黑客入侵数据库？



i我正在使用mysql数据库驱动程序3.5

解决方案

是在会话中存储连接字符串的具体要求是什么？

我认为没有人会这样做。

保持连接字符串的最佳位置是配置文件。

这将有助于了解与连接字符串相关的黑客风险。



https://msdn.microsoft.com/en-us/library/89211k9b（v = vs.110）.aspx [ ^ ]



http://forums.asp.net/t/372447.aspx?What+is+the+best+place+to+store+connection+string+ [ ^ ]

连接字符串是整个Web应用程序的全局，只需将其保存在web.config中，请参阅：在web.config中存储连接字符串 [ ^ ]

i am using a class file for creating connections and also for executing queries. from the class file am assigning the connection string in session. is it a wrong practice or not? is it lead to hacking the database or not?

i am using mysql database driver 3.5

解决方案

Is there any specific requirement for storing connection string in session?
I don't think anyone would do that.
Best place to keep connection strings are configuration files.

Hi,
This will helpful to understand about hack risk related with connection string.

https://msdn.microsoft.com/en-us/library/89211k9b(v=vs.110).aspx[^]

http://forums.asp.net/t/372447.aspx?What+is+the+best+place+to+store+connection+string+[^]

connection string is global to the whole web app, just keep it inside the web.config, refer: Store connection string in web.config[^]

这篇关于在会话中保持连接字符串是一个好习惯。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！