//ILogin不用 public object[] ChangePassword(object[] objParam) { string XMLParams = objParam[0].ToString(); string[] ss = XMLParams.Split(":".ToCharArray()); string sUserId = ss[0]; //MD5 md5 = new MD5CryptoServiceProvider(); //byte[] pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[1])); //byte[] result = md5.ComputeHash(pwdBytes); //string sOldPwd = BitConverter.ToString(result); //pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[2])); //result = md5.ComputeHash(pwdBytes); //string sNewPwd = BitConverter.ToString(result); if (ss[1].Length > 10 || ss[2].Length > 10) { return new object[] { 0, "E" }; } char[] p = new char[] { }; bool q; if (ss[1] != "") q = Encrypt.EncryptPassword(sUserId, ss[1], 10, ref p, false); string sOldPwd = new string(p); p = new char[] { }; if (ss[2] != "") q = Encrypt.EncryptPassword(sUserId, ss[2], 10, ref p, false); string sNewPwd = new string(p); #region Build the command and exec the command to log error ClientType ct = ClientType.ctNone; IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sQL = ""; //为了区分不同的数据库 by Rei InfoCommand command = new InfoCommand(ClientInfo); if (conn.GetType().ToString() == "System.Data.SqlClient.SqlConnection") { if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd"; else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().ToString() == "System.Data.OracleClient.OracleConnection") { if (ss[1] != "") sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and PWD = :OldPwd"; else sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().ToString() == "System.Data.Odbc.OdbcConnection") { if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?"; else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)"; //if (ss[1] != "") sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = $OldPwd"; //else sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = ''"; } else if (conn.GetType().ToString() == "System.Data.OleDb.OleDbConnection") { if (ss[1] != "") sQL = "update USERS set PWD = ? where USERID = ? and PWD = ?"; else sQL = "update USERS set PWD = ? where USERID = ? and (PWD = '' or PWD is null)"; } else if (conn.GetType().Name == "MySqlConnection") { if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd"; else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().Name == "IfxConnection") { if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?"; else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)"; } command.CommandText = sQL; command.Connection = conn; DbParameter paramNewPwd = null; DbParameter paramUserId = null; DbParameter paramOldPwd = null; if (conn is OleDbConnection) { paramNewPwd = new OleDbParameter("@NewPwd", OleDbType.VarChar, 10); paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20); paramOldPwd = new OleDbParameter("@OldPwd", OleDbType.VarChar, 10); } else if (conn is OdbcConnection) { paramNewPwd = new OdbcParameter("?", OdbcType.NVarChar, 10); paramUserId = new OdbcParameter("?", OdbcType.VarChar, 20); paramOldPwd = new OdbcParameter("?", OdbcType.NVarChar, 10); } else if (conn is OracleConnection) { paramNewPwd = new OracleParameter(":NewPwd", OracleType.NVarChar, 10); paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20); paramOldPwd = new OracleParameter(":OldPwd", OracleType.NVarChar, 10); } else if (conn is SqlConnection) { paramNewPwd = new SqlParameter("@NewPwd", SqlDbType.VarChar, 10); paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20); paramOldPwd = new SqlParameter("@OldPwd", SqlDbType.VarChar, 10); } #if MySql else if (conn is MySqlConnection) { paramNewPwd = new MySqlParameter("@NewPwd", MySqlDbType.VarChar, 10); paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20); paramOldPwd = new MySqlParameter("@OldPwd", MySqlDbType.VarChar, 10); } #endif #if Informix else if (conn is IBM.Data.Informix.IfxConnection) { paramNewPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10); paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20); paramOldPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10); } #endif paramNewPwd.Value = sNewPwd; paramUserId.Value = sUserId; paramOldPwd.Value = sOldPwd; if (!(conn is OdbcConnection)) { command.Parameters.Add(paramNewPwd); command.Parameters.Add(paramUserId); if (ss[1] != "") command.Parameters.Add(paramOldPwd); } Int32 i = command.ExecuteNonQuery(); if (i != 1) { return new object[] { 0, "E" }; //By Lily 表示没有找到该User,可能是UserID错误,或者原始密码错误。 } else { //验证密码有效期 by rei command.Parameters.Clear(); command.CommandText = "UPDATE USERS SET LASTDATE='" + DateTime.Today.Year.ToString() + DateTime.Today.Month.ToString("00") + DateTime.Today.Day.ToString("00") + "' WHERE USERID='" + sUserId + "'"; command.ExecuteNonQuery(); return new object[] { 0, "O" }; //找到该User,并更新好新密码。 } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true); } #endregion }
public object LogError(object[] objParam) { #region Build the command and exec the command to log error ClientType ct = ClientType.ctNone; IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sQL = String.Empty; //为了区分不同的数据库 by Rei InfoCommand command = new InfoCommand(ClientInfo); command.Connection = conn; DbParameter paramUserId = null; DbParameter paramMoudleName = null; DbParameter paramErrMessage = null; DbParameter paramErrStack = null; DbParameter paramErrDescrip = null; DbParameter paramErrDate = null; DbParameter paramErrScreen = null; DbParameter paramStatus = null; if (conn is OleDbConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(?, ?, ?, ?, ?, ?, ?, ?)"; paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20); paramMoudleName = new OleDbParameter("@ModuleName", OleDbType.VarChar, 30); paramErrMessage = new OleDbParameter("@ErrMessage", OleDbType.VarChar, 300); paramErrStack = new OleDbParameter("@ErrStack", OleDbType.VarChar, 5000); paramErrDescrip = new OleDbParameter("@ErrDescrip", OleDbType.VarChar, 300); paramErrDate = new OleDbParameter("@ErrDate", OleDbType.Date); paramErrScreen = new OleDbParameter("@ErrScreen", OleDbType.Binary); paramStatus = new OleDbParameter("@Status", OleDbType.VarChar, 2); } else if (conn is OdbcConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)"; paramUserId = new OdbcParameter("@UserId", OdbcType.VarChar, 20); paramMoudleName = new OdbcParameter("@ModuleName", OdbcType.VarChar, 30); paramErrMessage = new OdbcParameter("@ErrMessage", OdbcType.VarChar, 300); paramErrStack = new OdbcParameter("@ErrStack", OdbcType.VarChar, 5000); paramErrDescrip = new OdbcParameter("@ErrDescrip", OdbcType.VarChar, 300); paramErrDate = new OdbcParameter("@ErrDate", OdbcType.Date); paramErrScreen = new OdbcParameter("@ErrScreen", OdbcType.Binary); paramStatus = new OdbcParameter("@Status", OdbcType.VarChar, 2); } else if (conn is OracleConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(:UserId, :ModuleName, :ErrMessage, :ErrStack, :ErrDescrip, :ErrDate, :ErrScreen, :Status)"; paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20); paramMoudleName = new OracleParameter(":ModuleName", OracleType.VarChar, 30); paramErrMessage = new OracleParameter(":ErrMessage", OracleType.VarChar, 300); paramErrStack = new OracleParameter(":ErrStack", OracleType.VarChar, 5000); paramErrDescrip = new OracleParameter(":ErrDescrip", OracleType.VarChar, 300); paramErrDate = new OracleParameter(":ErrDate", OracleType.DateTime); paramErrScreen = new OracleParameter(":ErrScreen", OracleType.Blob, (objParam[6] as byte[]).Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, objParam[6]); paramStatus = new OracleParameter(":Status", OracleType.VarChar, 2); } else if (conn is SqlConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)"; paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20); paramMoudleName = new SqlParameter("@ModuleName", SqlDbType.VarChar, 30); paramErrMessage = new SqlParameter("@ErrMessage", SqlDbType.VarChar, 300); paramErrStack = new SqlParameter("@ErrStack", SqlDbType.VarChar, 5000); paramErrDescrip = new SqlParameter("@ErrDescrip", SqlDbType.VarChar, 300); paramErrDate = new SqlParameter("@ErrDate", SqlDbType.DateTime); paramErrScreen = new SqlParameter("@ErrScreen", SqlDbType.Binary); paramStatus = new SqlParameter("@Status", SqlDbType.VarChar, 2); } #if MySql else if (conn is MySqlConnection) { paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20); paramMoudleName = new MySqlParameter("@ModuleName", MySqlDbType.VarChar, 30); paramErrMessage = new MySqlParameter("@ErrMessage", MySqlDbType.VarChar, 300); paramErrStack = new MySqlParameter("@ErrStack", MySqlDbType.VarChar, 5000); paramErrDescrip = new MySqlParameter("@ErrDescrip", MySqlDbType.VarChar, 300); paramErrDate = new MySqlParameter("@ErrDate", MySqlDbType.Datetime); paramErrScreen = new MySqlParameter("@ErrScreen", MySqlDbType.Binary); paramStatus = new MySqlParameter("@Status", MySqlDbType.VarChar, 2); } #endif #if Informix else if (conn is IBM.Data.Informix.IfxConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(?, ?, ?, ?, ?, ?, ?, ?)"; paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20); paramMoudleName = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 30); paramErrMessage = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300); paramErrStack = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Text, 5000); paramErrDescrip = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300); paramErrDate = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.DateTime); paramErrScreen = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob); paramStatus = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 2); } #endif command.CommandText = sQL; paramUserId.Value = (objParam[0] == null ? "" : objParam[0]); paramMoudleName.Value = (objParam[1] == null ? "" : objParam[1]); ; paramErrMessage.Value = (objParam[2] == null ? "" : objParam[2]); ; paramErrStack.Value = (objParam[3] == null ? "" : objParam[3]); ; paramErrDescrip.Value = (objParam[4] == null ? "" : objParam[4]); ; paramErrDate.Value = (objParam[5] == null ? DateTime.Now : objParam[5]); ; paramErrScreen.Value = (objParam[6] == null ? "" : objParam[6]); ; paramStatus.Value = (objParam[7] == null ? "" : objParam[7]); ; command.Parameters.Add(paramUserId); command.Parameters.Add(paramMoudleName); command.Parameters.Add(paramErrMessage); command.Parameters.Add(paramErrStack); command.Parameters.Add(paramErrDescrip); command.Parameters.Add(paramErrDate); command.Parameters.Add(paramErrScreen); command.Parameters.Add(paramStatus); Int32 i = command.ExecuteNonQuery(); if (i != 1) { return new object[] { 1 }; } else { return new object[] { 0 }; } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true); } #endregion }
public object OPMenu(object[] objParam) { string strMenuID = (String)objParam[0]; string strCaption = (String)objParam[1]; string strParent = (String)objParam[2]; string strModuleType = (String)objParam[3]; string strPackage = (String)objParam[4]; string strItemParam = (String)objParam[5]; string strForm = (String)objParam[6]; string strItemType = (String)objParam[7]; string strSEQ_NO = (String)objParam[8]; string strImageUrl = (String)objParam[11]; string captionlanguage = (String)objParam[12]; Srvtools.MGControl.OpType optype = (Srvtools.MGControl.OpType)objParam[9]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = ""; string strBlob = ""; if (nwindConn is SqlConnection) strBlob = "update MENUTABLE set [IMAGE] = @icon where MENUID = '" + strMenuID + "'"; else if (nwindConn is OracleConnection) strBlob = "update MENUTABLE set IMAGE = :icon where MENUID = '" + strMenuID + "'"; else if (nwindConn is OdbcConnection) strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; else if (nwindConn is OleDbConnection) strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strBlob = "update MENUTABLE set IMAGE = @icon where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; if (optype == Srvtools.MGControl.OpType.add) { if (nwindConn is SqlConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values (@MENUID, @CAPTION" + captionlanguage + ", @PARENT, @MODULETYPE, @PACKAGE, @ITEMPARAM, @FORM, @ITEMTYPE, @SEQ_NO, @IMAGEURL)"; else if (nwindConn is OracleConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values (:MENUID, :CAPTION" + captionlanguage + ", :PARENT, :MODULETYPE, :PACKAGE, :ITEMPARAM, :FORM, :ITEMTYPE, :SEQ_NO, :IMAGEURL)"; else if (nwindConn is OdbcConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn is OleDbConnection) //strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + // "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + // "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn.GetType().Name == "MySqlConnection") strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn.GetType().Name == "IfxConnection") strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; if (nwindConn is SqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID)); cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'")); cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OdbcParameter("?", strMenuID)); cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new OdbcParameter("?", strParent)); cmd.Parameters.Add(new OdbcParameter("?", strModuleType)); cmd.Parameters.Add(new OdbcParameter("?", strPackage)); cmd.Parameters.Add(new OdbcParameter("?", strItemParam)); cmd.Parameters.Add(new OdbcParameter("?", strForm)); cmd.Parameters.Add(new OdbcParameter("?", "'0'")); cmd.Parameters.Add(new OdbcParameter("?", strItemType)); cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO)); cmd.Parameters.Add(new OdbcParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OleDbConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID)); //cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption)); //cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent)); //cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType)); //cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage)); //cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam)); //cmd.Parameters.Add(new OleDbParameter("@FORM", strForm)); //cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'")); //cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType)); //cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO)); //cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption)); cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent)); cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType)); cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage)); cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam)); cmd.Parameters.Add(new MySqlParameter("@FORM", strForm)); cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType)); cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO)); cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'")); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } #endif } else if (optype == Srvtools.MGControl.OpType.modify) { if (nwindConn is SqlConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = @CAPTION" + captionlanguage + ", PARENT = @PARENT, MODULETYPE = @MODULETYPE" + ", PACKAGE = @PACKAGE, ITEMPARAM = @ITEMPARAM, FORM = @FORM, ITEMTYPE = @ITEMTYPE, SEQ_NO = @SEQ_NO, IMAGEURL = @IMAGEURL where MENUID = '" + strMenuID + "'"; else if (nwindConn is OracleConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = :CAPTION" + captionlanguage + ", PARENT = :PARENT, MODULETYPE = :MODULETYPE" + ", PACKAGE = :PACKAGE, ITEMPARAM = :ITEMPARAM, FORM = :FORM, ITEMTYPE = :ITEMTYPE, SEQ_NO = :SEQ_NO, IMAGEURL = :IMAGEURL where MENUID = '" + strMenuID + "'"; else if (nwindConn is OdbcConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn is OleDbConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; if (nwindConn is SqlConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID)); cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'")); cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OdbcParameter("?", strMenuID)); cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new OdbcParameter("?", strParent)); cmd.Parameters.Add(new OdbcParameter("?", strModuleType)); cmd.Parameters.Add(new OdbcParameter("?", strPackage)); cmd.Parameters.Add(new OdbcParameter("?", strItemParam)); cmd.Parameters.Add(new OdbcParameter("?", strForm)); cmd.Parameters.Add(new OdbcParameter("?", "'0'")); cmd.Parameters.Add(new OdbcParameter("?", strItemType)); cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO)); cmd.Parameters.Add(new OdbcParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OleDbConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID)); //cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption)); //cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent)); //cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType)); //cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage)); //cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam)); //cmd.Parameters.Add(new OleDbParameter("@FORM", strForm)); //cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'")); //cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType)); //cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO)); //cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption)); cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent)); cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType)); cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage)); cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam)); cmd.Parameters.Add(new MySqlParameter("@FORM", strForm)); cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType)); cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO)); cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'")); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } #endif } else { strSql = "delete from MENUTABLE where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from USERMENUS where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from GROUPMENUS where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from MENUTABLECONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from USERMENUCONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from GROUPMENUCONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); } if (optype != Srvtools.MGControl.OpType.delete && objParam[10] != null) { byte[] blob = (byte[])objParam[10]; if (nwindConn is SqlConnection) { SqlParameter param = new SqlParameter("@icon", SqlDbType.VarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { OracleParameter param = new OracleParameter(":icon", OracleType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { OdbcParameter param = new OdbcParameter("?", OdbcType.VarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); try { cmd.ExecuteNonQuery(); } catch (Exception e) { string str = e.Message; } } else if (nwindConn is OleDbConnection) { OleDbParameter param = new OleDbParameter("@icon", OleDbType.LongVarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { MySqlParameter param = new MySqlParameter("@icon", MySqlDbType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { IBM.Data.Informix.IfxParameter param = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); try { cmd.ExecuteNonQuery(); } catch (Exception e) { string str = e.Message; } } #endif } return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object[] AnyQuerySave(object[] param) { String userID = GetClientInfo(ClientInfoType.LoginUser).ToString(); String queryID = param[0].ToString(); String templateID = param[1].ToString(); String xmlText = param[2].ToString(); String tableName = param[3].ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sql = "DELETE FROM SYS_ANYQUERY WHERE USERID='" + userID + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + templateID + "'"; InfoCommand myCommand = new InfoCommand(ClientInfo); myCommand.Connection = nwindConn; myCommand.CommandText = sql; myCommand.ExecuteNonQuery(); String dt = DateTime.Now.ToShortDateString() + " " + DateTime.Now.Hour + ":" + DateTime.Now.Minute + ":" + DateTime.Now.Second; if (ct == ClientType.ctMsSql) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)"; SqlParameter paramContent = new SqlParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.SqlDbType = SqlDbType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctOracle) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', to_date('" + dt + "', 'yyyy/mm/dd hh24:mi:ss'), :CONTENT)"; OracleParameter paramContent = new OracleParameter(); paramContent.ParameterName = ":CONTENT"; paramContent.OracleType = OracleType.Blob; byte[] byteArray = System.Text.Encoding.Default.GetBytes(xmlText); paramContent.Value = byteArray; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctODBC) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; OdbcParameter paramContent = new OdbcParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.OdbcType = OdbcType.NText; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctOleDB) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; OleDbParameter paramContent = new OleDbParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.OleDbType = OleDbType.Binary; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #if MySQL else if (ct == ClientType.ctMySql) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)"; SqlParameter paramContent = new SqlParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.SqlDbType = SqlDbType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #endif #if Informix else if (ct == ClientType.ctInformix) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; IBM.Data.Informix.IfxParameter paramContent = new IBM.Data.Informix.IfxParameter(); paramContent.ParameterName = "?"; paramContent.IfxType = IBM.Data.Informix.IfxType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #endif myCommand.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }