[摘录]asp.net项目连接数据库

Unless you have a specific reason to do so, never ask for all columns (using the * wildcard)
when you only need a part of them. This generates more traffic and stress on the database server than necessary
and slows down performance. Moreover, even if you do need to ask for all columns in the table, it’s safer
to mention them explicitly to protect your application in case the number or order of columns change in future.

// Create the connection object
SqlConnection connection = new SqlConnection();
// Set the connection string
connection.ConnectionString = "Server=(local)/SqlExpress; " +
"User ID=balloonshop; Password=ecommerce;" +
"Database=BalloonShop";
// Open the connection
connection.Open();
The code is fairly straightforward: you first create a SqlConnection object, then set its
ConnectionString property, and finally open the connection. A connection needs to be opened
before it is used for any operations.
Understanding the connection string is important—if your program has problems connecting
to the database, these problems likely can be solved by fixing the connection string (assuming
that SQL Server is properly configured and that you actually have access to it).
The connection string contains the three important elements. The first is the name of the
SQL Server instance you’re connecting to. For SQL Server 2008 Express Edition, the default
instance name is (local)/SqlExpress. You’ll want to change this if your SQL Server instance
has another name. You can use your computer name instead of (local). Of course, if you
connect to a remote SQL Server instance, you’ll need to specify the complete network path
instead of (local).
After specifying the server, you need to supply security information needed to log in to the
server. You can log in to SQL Server either by using SQL Server Authentication (in which case
you need to supply a SQL Server username and password as shown in the code snippet) or
by using Windows Authentication (also named Windows Integrated Security). With Windows
Integrated Security, you don’t have to supply a username and password, because SQL Server
uses the Windows login information of the currently logged-in user.

To log in using Windows Authentication, you’ll need to supply Integrated Security=True
(or Integrated Security=SSPI) instead of User ID=username; Password=password. The final part
of the connection string specifies the database you’ll be working with.

ASP.NET, since version 2.0, brings in the notions of themes and skins. Skins are like CSS
files in that they contain various properties, but they do this on a control-type basis, they allow
setting properties that aren’t accessible through CSS (such as an image’s src property), and
they are applied on the server side. Skin definitions are saved in files with the .skin extension
(these files can store one or more skin definitions) and look much like the definition of an ASP.NET
control. A typical skin definition looks like this:
<asp:Image runat="server" SkinID="BalloonShopLogo" src="/Images/BalloonShop.png"/>

A theme is a collection of CSS files, skins, and images. You can add more themes to a web
site and allow for easily changing the look of your site by switching the active theme at design
time or even at runtime.
In the exercise, you’ll create a new theme called BalloonShopDefault, and you’ll add a CSS
file to it, which will be then used to display the list of departments.