//ILogin不用
public object[] ChangePassword(object[] objParam)
{
string XMLParams = objParam[0].ToString();
string[] ss = XMLParams.Split(":".ToCharArray());
string sUserId = ss[0];
//MD5 md5 = new MD5CryptoServiceProvider();
//byte[] pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[1]));
//byte[] result = md5.ComputeHash(pwdBytes);
//string sOldPwd = BitConverter.ToString(result);
//pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[2]));
//result = md5.ComputeHash(pwdBytes);
//string sNewPwd = BitConverter.ToString(result);
if (ss[1].Length > 10 || ss[2].Length > 10)
{
return new object[] { 0, "E" };
}
char[] p = new char[] { };
bool q;
if (ss[1] != "") q = Encrypt.EncryptPassword(sUserId, ss[1], 10, ref p, false);
string sOldPwd = new string(p);
p = new char[] { };
if (ss[2] != "") q = Encrypt.EncryptPassword(sUserId, ss[2], 10, ref p, false);
string sNewPwd = new string(p);
#region Build the command and exec the command to log error
ClientType ct = ClientType.ctNone;
IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sQL = "";
//为了区分不同的数据库 by Rei
InfoCommand command = new InfoCommand(ClientInfo);
if (conn.GetType().ToString() == "System.Data.SqlClient.SqlConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd";
else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().ToString() == "System.Data.OracleClient.OracleConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and PWD = :OldPwd";
else sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().ToString() == "System.Data.Odbc.OdbcConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?";
else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)";
//if (ss[1] != "") sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = $OldPwd";
//else sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = ''";
}
else if (conn.GetType().ToString() == "System.Data.OleDb.OleDbConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = ? where USERID = ? and PWD = ?";
else sQL = "update USERS set PWD = ? where USERID = ? and (PWD = '' or PWD is null)";
}
else if (conn.GetType().Name == "MySqlConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd";
else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().Name == "IfxConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?";
else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)";
}
command.CommandText = sQL;
command.Connection = conn;
DbParameter paramNewPwd = null;
DbParameter paramUserId = null;
DbParameter paramOldPwd = null;
if (conn is OleDbConnection)
{
paramNewPwd = new OleDbParameter("@NewPwd", OleDbType.VarChar, 10);
paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20);
paramOldPwd = new OleDbParameter("@OldPwd", OleDbType.VarChar, 10);
}
else if (conn is OdbcConnection)
{
paramNewPwd = new OdbcParameter("?", OdbcType.NVarChar, 10);
paramUserId = new OdbcParameter("?", OdbcType.VarChar, 20);
paramOldPwd = new OdbcParameter("?", OdbcType.NVarChar, 10);
}
else if (conn is OracleConnection)
{
paramNewPwd = new OracleParameter(":NewPwd", OracleType.NVarChar, 10);
paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20);
paramOldPwd = new OracleParameter(":OldPwd", OracleType.NVarChar, 10);
}
else if (conn is SqlConnection)
{
paramNewPwd = new SqlParameter("@NewPwd", SqlDbType.VarChar, 10);
paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20);
paramOldPwd = new SqlParameter("@OldPwd", SqlDbType.VarChar, 10);
}
#if MySql
else if (conn is MySqlConnection)
{
paramNewPwd = new MySqlParameter("@NewPwd", MySqlDbType.VarChar, 10);
paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20);
paramOldPwd = new MySqlParameter("@OldPwd", MySqlDbType.VarChar, 10);
}
#endif
#if Informix
else if (conn is IBM.Data.Informix.IfxConnection)
{
paramNewPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10);
paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20);
paramOldPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10);
}
#endif
paramNewPwd.Value = sNewPwd;
paramUserId.Value = sUserId;
paramOldPwd.Value = sOldPwd;
if (!(conn is OdbcConnection))
{
command.Parameters.Add(paramNewPwd);
command.Parameters.Add(paramUserId);
if (ss[1] != "")
command.Parameters.Add(paramOldPwd);
}
Int32 i = command.ExecuteNonQuery();
if (i != 1)
{
return new object[] { 0, "E" }; //By Lily 表示没有找到该User,可能是UserID错误,或者原始密码错误。
}
else
{
//验证密码有效期 by rei
command.Parameters.Clear();
command.CommandText = "UPDATE USERS SET LASTDATE='" + DateTime.Today.Year.ToString() + DateTime.Today.Month.ToString("00") + DateTime.Today.Day.ToString("00") + "' WHERE USERID='" + sUserId + "'";
command.ExecuteNonQuery();
return new object[] { 0, "O" }; //找到该User,并更新好新密码。
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true);
}
#endregion
}
public object LogError(object[] objParam)
{
#region Build the command and exec the command to log error
ClientType ct = ClientType.ctNone;
IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sQL = String.Empty;
//为了区分不同的数据库 by Rei
InfoCommand command = new InfoCommand(ClientInfo);
command.Connection = conn;
DbParameter paramUserId = null;
DbParameter paramMoudleName = null;
DbParameter paramErrMessage = null;
DbParameter paramErrStack = null;
DbParameter paramErrDescrip = null;
DbParameter paramErrDate = null;
DbParameter paramErrScreen = null;
DbParameter paramStatus = null;
if (conn is OleDbConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(?, ?, ?, ?, ?, ?, ?, ?)";
paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20);
paramMoudleName = new OleDbParameter("@ModuleName", OleDbType.VarChar, 30);
paramErrMessage = new OleDbParameter("@ErrMessage", OleDbType.VarChar, 300);
paramErrStack = new OleDbParameter("@ErrStack", OleDbType.VarChar, 5000);
paramErrDescrip = new OleDbParameter("@ErrDescrip", OleDbType.VarChar, 300);
paramErrDate = new OleDbParameter("@ErrDate", OleDbType.Date);
paramErrScreen = new OleDbParameter("@ErrScreen", OleDbType.Binary);
paramStatus = new OleDbParameter("@Status", OleDbType.VarChar, 2);
}
else if (conn is OdbcConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)";
paramUserId = new OdbcParameter("@UserId", OdbcType.VarChar, 20);
paramMoudleName = new OdbcParameter("@ModuleName", OdbcType.VarChar, 30);
paramErrMessage = new OdbcParameter("@ErrMessage", OdbcType.VarChar, 300);
paramErrStack = new OdbcParameter("@ErrStack", OdbcType.VarChar, 5000);
paramErrDescrip = new OdbcParameter("@ErrDescrip", OdbcType.VarChar, 300);
paramErrDate = new OdbcParameter("@ErrDate", OdbcType.Date);
paramErrScreen = new OdbcParameter("@ErrScreen", OdbcType.Binary);
paramStatus = new OdbcParameter("@Status", OdbcType.VarChar, 2);
}
else if (conn is OracleConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(:UserId, :ModuleName, :ErrMessage, :ErrStack, :ErrDescrip, :ErrDate, :ErrScreen, :Status)";
paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20);
paramMoudleName = new OracleParameter(":ModuleName", OracleType.VarChar, 30);
paramErrMessage = new OracleParameter(":ErrMessage", OracleType.VarChar, 300);
paramErrStack = new OracleParameter(":ErrStack", OracleType.VarChar, 5000);
paramErrDescrip = new OracleParameter(":ErrDescrip", OracleType.VarChar, 300);
paramErrDate = new OracleParameter(":ErrDate", OracleType.DateTime);
paramErrScreen = new OracleParameter(":ErrScreen", OracleType.Blob, (objParam[6] as byte[]).Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, objParam[6]);
paramStatus = new OracleParameter(":Status", OracleType.VarChar, 2);
}
else if (conn is SqlConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)";
paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20);
paramMoudleName = new SqlParameter("@ModuleName", SqlDbType.VarChar, 30);
paramErrMessage = new SqlParameter("@ErrMessage", SqlDbType.VarChar, 300);
paramErrStack = new SqlParameter("@ErrStack", SqlDbType.VarChar, 5000);
paramErrDescrip = new SqlParameter("@ErrDescrip", SqlDbType.VarChar, 300);
paramErrDate = new SqlParameter("@ErrDate", SqlDbType.DateTime);
paramErrScreen = new SqlParameter("@ErrScreen", SqlDbType.Binary);
paramStatus = new SqlParameter("@Status", SqlDbType.VarChar, 2);
}
#if MySql
else if (conn is MySqlConnection)
{
paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20);
paramMoudleName = new MySqlParameter("@ModuleName", MySqlDbType.VarChar, 30);
paramErrMessage = new MySqlParameter("@ErrMessage", MySqlDbType.VarChar, 300);
paramErrStack = new MySqlParameter("@ErrStack", MySqlDbType.VarChar, 5000);
paramErrDescrip = new MySqlParameter("@ErrDescrip", MySqlDbType.VarChar, 300);
paramErrDate = new MySqlParameter("@ErrDate", MySqlDbType.Datetime);
paramErrScreen = new MySqlParameter("@ErrScreen", MySqlDbType.Binary);
paramStatus = new MySqlParameter("@Status", MySqlDbType.VarChar, 2);
}
#endif
#if Informix
else if (conn is IBM.Data.Informix.IfxConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(?, ?, ?, ?, ?, ?, ?, ?)";
paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20);
paramMoudleName = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 30);
paramErrMessage = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300);
paramErrStack = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Text, 5000);
paramErrDescrip = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300);
paramErrDate = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.DateTime);
paramErrScreen = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob);
paramStatus = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 2);
}
#endif
command.CommandText = sQL;
paramUserId.Value = (objParam[0] == null ? "" : objParam[0]);
paramMoudleName.Value = (objParam[1] == null ? "" : objParam[1]); ;
paramErrMessage.Value = (objParam[2] == null ? "" : objParam[2]); ;
paramErrStack.Value = (objParam[3] == null ? "" : objParam[3]); ;
paramErrDescrip.Value = (objParam[4] == null ? "" : objParam[4]); ;
paramErrDate.Value = (objParam[5] == null ? DateTime.Now : objParam[5]); ;
paramErrScreen.Value = (objParam[6] == null ? "" : objParam[6]); ;
paramStatus.Value = (objParam[7] == null ? "" : objParam[7]); ;
command.Parameters.Add(paramUserId);
command.Parameters.Add(paramMoudleName);
command.Parameters.Add(paramErrMessage);
command.Parameters.Add(paramErrStack);
command.Parameters.Add(paramErrDescrip);
command.Parameters.Add(paramErrDate);
command.Parameters.Add(paramErrScreen);
command.Parameters.Add(paramStatus);
Int32 i = command.ExecuteNonQuery();
if (i != 1)
{
return new object[] { 1 };
}
else
{
return new object[] { 0 };
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true);
}
#endregion
}
public object OPMenu(object[] objParam)
{
string strMenuID = (String)objParam[0];
string strCaption = (String)objParam[1];
string strParent = (String)objParam[2];
string strModuleType = (String)objParam[3];
string strPackage = (String)objParam[4];
string strItemParam = (String)objParam[5];
string strForm = (String)objParam[6];
string strItemType = (String)objParam[7];
string strSEQ_NO = (String)objParam[8];
string strImageUrl = (String)objParam[11];
string captionlanguage = (String)objParam[12];
Srvtools.MGControl.OpType optype = (Srvtools.MGControl.OpType)objParam[9];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "";
string strBlob = "";
if (nwindConn is SqlConnection)
strBlob = "update MENUTABLE set [IMAGE] = @icon where MENUID = '" + strMenuID + "'";
else if (nwindConn is OracleConnection)
strBlob = "update MENUTABLE set IMAGE = :icon where MENUID = '" + strMenuID + "'";
else if (nwindConn is OdbcConnection)
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
else if (nwindConn is OleDbConnection)
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strBlob = "update MENUTABLE set IMAGE = @icon where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
if (optype == Srvtools.MGControl.OpType.add)
{
if (nwindConn is SqlConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values (@MENUID, @CAPTION" + captionlanguage + ", @PARENT, @MODULETYPE, @PACKAGE, @ITEMPARAM, @FORM, @ITEMTYPE, @SEQ_NO, @IMAGEURL)";
else if (nwindConn is OracleConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values (:MENUID, :CAPTION" + captionlanguage + ", :PARENT, :MODULETYPE, :PACKAGE, :ITEMPARAM, :FORM, :ITEMTYPE, :SEQ_NO, :IMAGEURL)";
else if (nwindConn is OdbcConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn is OleDbConnection)
//strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
// "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
// "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn.GetType().Name == "MySqlConnection")
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn.GetType().Name == "IfxConnection")
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
if (nwindConn is SqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID));
cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'"));
cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OdbcParameter("?", strMenuID));
cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new OdbcParameter("?", strParent));
cmd.Parameters.Add(new OdbcParameter("?", strModuleType));
cmd.Parameters.Add(new OdbcParameter("?", strPackage));
cmd.Parameters.Add(new OdbcParameter("?", strItemParam));
cmd.Parameters.Add(new OdbcParameter("?", strForm));
cmd.Parameters.Add(new OdbcParameter("?", "'0'"));
cmd.Parameters.Add(new OdbcParameter("?", strItemType));
cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO));
cmd.Parameters.Add(new OdbcParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OleDbConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID));
//cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption));
//cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent));
//cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType));
//cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage));
//cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam));
//cmd.Parameters.Add(new OleDbParameter("@FORM", strForm));
//cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'"));
//cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType));
//cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO));
//cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption));
cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent));
cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType));
cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage));
cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam));
cmd.Parameters.Add(new MySqlParameter("@FORM", strForm));
cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType));
cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO));
cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'"));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
}
else if (optype == Srvtools.MGControl.OpType.modify)
{
if (nwindConn is SqlConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = @CAPTION" + captionlanguage + ", PARENT = @PARENT, MODULETYPE = @MODULETYPE"
+ ", PACKAGE = @PACKAGE, ITEMPARAM = @ITEMPARAM, FORM = @FORM, ITEMTYPE = @ITEMTYPE, SEQ_NO = @SEQ_NO, IMAGEURL = @IMAGEURL where MENUID = '" + strMenuID + "'";
else if (nwindConn is OracleConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = :CAPTION" + captionlanguage + ", PARENT = :PARENT, MODULETYPE = :MODULETYPE"
+ ", PACKAGE = :PACKAGE, ITEMPARAM = :ITEMPARAM, FORM = :FORM, ITEMTYPE = :ITEMTYPE, SEQ_NO = :SEQ_NO, IMAGEURL = :IMAGEURL where MENUID = '" + strMenuID + "'";
else if (nwindConn is OdbcConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn is OleDbConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
if (nwindConn is SqlConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID));
cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'"));
cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OdbcParameter("?", strMenuID));
cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new OdbcParameter("?", strParent));
cmd.Parameters.Add(new OdbcParameter("?", strModuleType));
cmd.Parameters.Add(new OdbcParameter("?", strPackage));
cmd.Parameters.Add(new OdbcParameter("?", strItemParam));
cmd.Parameters.Add(new OdbcParameter("?", strForm));
cmd.Parameters.Add(new OdbcParameter("?", "'0'"));
cmd.Parameters.Add(new OdbcParameter("?", strItemType));
cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO));
cmd.Parameters.Add(new OdbcParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OleDbConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID));
//cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption));
//cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent));
//cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType));
//cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage));
//cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam));
//cmd.Parameters.Add(new OleDbParameter("@FORM", strForm));
//cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'"));
//cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType));
//cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO));
//cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption));
cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent));
cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType));
cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage));
cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam));
cmd.Parameters.Add(new MySqlParameter("@FORM", strForm));
cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType));
cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO));
cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'"));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
}
else
{
strSql = "delete from MENUTABLE where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from USERMENUS where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from GROUPMENUS where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from MENUTABLECONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from USERMENUCONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from GROUPMENUCONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
}
if (optype != Srvtools.MGControl.OpType.delete && objParam[10] != null)
{
byte[] blob = (byte[])objParam[10];
if (nwindConn is SqlConnection)
{
SqlParameter param = new SqlParameter("@icon", SqlDbType.VarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
OracleParameter param = new OracleParameter(":icon", OracleType.Blob, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
OdbcParameter param = new OdbcParameter("?", OdbcType.VarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
string str = e.Message;
}
}
else if (nwindConn is OleDbConnection)
{
OleDbParameter param = new OleDbParameter("@icon", OleDbType.LongVarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
MySqlParameter param = new MySqlParameter("@icon", MySqlDbType.Blob, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
IBM.Data.Informix.IfxParameter param = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob, blob.Length,
ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
string str = e.Message;
}
}
#endif
}
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object[] AnyQuerySave(object[] param)
{
String userID = GetClientInfo(ClientInfoType.LoginUser).ToString();
String queryID = param[0].ToString();
String templateID = param[1].ToString();
String xmlText = param[2].ToString();
String tableName = param[3].ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sql = "DELETE FROM SYS_ANYQUERY WHERE USERID='" + userID + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + templateID + "'";
InfoCommand myCommand = new InfoCommand(ClientInfo);
myCommand.Connection = nwindConn;
myCommand.CommandText = sql;
myCommand.ExecuteNonQuery();
String dt = DateTime.Now.ToShortDateString() + " " + DateTime.Now.Hour + ":" + DateTime.Now.Minute + ":" + DateTime.Now.Second;
if (ct == ClientType.ctMsSql)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)";
SqlParameter paramContent = new SqlParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.SqlDbType = SqlDbType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctOracle)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', to_date('" + dt + "', 'yyyy/mm/dd hh24:mi:ss'), :CONTENT)";
OracleParameter paramContent = new OracleParameter();
paramContent.ParameterName = ":CONTENT";
paramContent.OracleType = OracleType.Blob;
byte[] byteArray = System.Text.Encoding.Default.GetBytes(xmlText);
paramContent.Value = byteArray;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctODBC)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
OdbcParameter paramContent = new OdbcParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.OdbcType = OdbcType.NText;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctOleDB)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
OleDbParameter paramContent = new OleDbParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.OleDbType = OleDbType.Binary;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#if MySQL
else if (ct == ClientType.ctMySql)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)";
SqlParameter paramContent = new SqlParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.SqlDbType = SqlDbType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#endif
#if Informix
else if (ct == ClientType.ctInformix)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
IBM.Data.Informix.IfxParameter paramContent = new IBM.Data.Informix.IfxParameter();
paramContent.ParameterName = "?";
paramContent.IfxType = IBM.Data.Informix.IfxType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#endif
myCommand.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
