/// <summary>
/// 修改管理员密码
/// </summary>
/// <param name="Phone">电话号码</param>
/// <param name="OldPsd">旧密码</param>
/// <param name="NewPsd">新密码</param>
public static ReturnClass RestPwd(string Phone, string OldPwd, string NewPwd)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(Phone) && StaticInfo.hasNoZhuRu(OldPwd) && StaticInfo.hasNoZhuRu(NewPwd))
{
try
{
err.result = DBConnection.YuanGongInfo.RestPwd(Phone, OldPwd, NewPwd);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("RestYuanGongPwd", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 登录用手机号加密码
/// </summary>
/// <param name="Phone">电话号码</param>
/// <param name="pwd">密码</param>
/// <returns></returns>
public static ReturnClass Login(string Phone, string pwd)
{
ReturnClass err = new ReturnClass();
if (hasNoZhuRu(Phone) && hasNoZhuRu(pwd))
{
try
{
err.result = DBConnection.YuanGongInfo.SelectYuanGongInfoLogin(Phone, pwd);
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
err.Msg = "手机号和密码不存在或者不匹配!";
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectYuanGongInfoLogin", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 添加管理员
/// </summary>
/// <param name="AdminID">账号</param>
/// <param name="Name">姓名</param>
/// <param name="AdminType">管理员类型</param>
/// <param name="Password">密码</param>
/// <param name="Phone">电话</param>
public static ReturnClass AddAdmin(string AdminID, string Name, int AdminType, string Password, string Phone)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(AdminID) && StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Password) && StaticInfo.hasNoZhuRu(Phone))
{
try
{
err.result = DBConnection.AdminInfo.InsertAdminInfo(AdminID, Name, AdminType, Password, Phone);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("AddAdmin", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// Order_删除订单
/// </summary>
/// <param name="OrderID">订单ID</param>
public static ReturnClass DeleteOrder(string OrderID)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(OrderID))
{
try
{
err.result = DBConnection.OrderData.DeleteOrderData(OrderID);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("DeleteOrder", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// Order_查询单条订单详情
/// </summary>
/// <param name="OrderID">订单ID</param>
public static ReturnClass SelectOrderInfo(string OrderID)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(OrderID))
{
try
{
err.result = DBConnection.OrderInfo.SelectOrder(OrderID);
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectOrderInfo", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 查询所有单品类别
/// </summary>
/// <param name="ID">ID</param>
public static ReturnClass SelectTotalCategory()
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu("aa"))
{
try
{
err.result = DBConnection.SystemConfig.SelectTotalCategory();
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectTotalCategory", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 修改员工信息
/// </summary>
/// <param name="YuanGongID">员工ID</param>
/// <param name="Password">密码</param>
/// <param name="Name">姓名</param>
/// <param name="YuanGongType">工种</param>
/// <param name="WorkGroup">工作组</param>
/// <param name="Phone">电话</param>
/// <param name="CategoryID">厨师用的类别</param>
public static ReturnClass UpDateYuanGong(string YuanGongID, string Password, string Name, int ShopID, int YuanGongType, int WorkGroup, string Phone, int CategoryID)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(YuanGongID) && StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Password) && StaticInfo.hasNoZhuRu(Phone))
{
try
{
err.result = DBConnection.YuanGongInfo.UpdateYuanGongInfo(YuanGongID, Password, Name, ShopID, YuanGongType, WorkGroup, Phone, CategoryID);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("UpdateYuanGong", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 添加系统设置
/// </summary>
/// <param name="Value">账号</param>
/// <param name="Name">姓名</param>
/// <param name="ConfigID">系统设置ID</param>
/// <param name="ConfigName">系统设置名称</param>
public static ReturnClass AddSystemConfig(string Value, string Name, int ConfigID, string ConfigName)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(Value) && StaticInfo.hasNoZhuRu(ConfigName))
{
try
{
err.result = DBConnection.SystemConfig.InsertSystemConfig(Value, Name, ConfigID, ConfigName);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("AddSystemConfig", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 修改餐品信息
/// </summary>
/// <param name="ID">餐品ID</param>
/// <param name="FoodName">菜名</param>
/// <param name="Category">种类</param>
/// <param name="pic">图片地址</param>
/// <param name="ShopID">商店ID</param>
/// <param name="MenuID">菜单ID</param>
/// <param name="Des">描述</param>
/// <param name="Price">单价</param>
/// <param name="AdminID">添加人ID</param>
/// <param name="IsShow">是否显示</param>
public static ReturnClass UpDateFood(int ID, string FoodName, int Category, string pic, int ShopID, int MenuID, string Des, string Price, string AdminID, int IsShow)
{
ReturnClass err = new ReturnClass();
if (StaticInfo.hasNoZhuRu(FoodName) && StaticInfo.hasNoZhuRu(pic) && StaticInfo.hasNoZhuRu(Des) && StaticInfo.hasNoZhuRu(Price) && StaticInfo.hasNoZhuRu(AdminID))
{
try
{
err.result = DBConnection.FoodInfo.UpdateFoodInfo(ID, FoodName, Category, pic, ShopID, MenuID, Des, Price, AdminID, IsShow);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("UpdateFood", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 修改系统设置
/// </summary>
/// <param name="ID">编号</param>
/// <param name="Value">内容</param>
public static ReturnClass UpdateSystemConfig(string ID, string Value)
{
ReturnClass err = new ReturnClass();
string[] strID = ID.Split(',');
int countSussed = 0;
if (StaticInfo.hasNoZhuRu(Value))
{
try
{
foreach (string sid in strID)
{
if (sid != "")
{
countSussed += DBConnection.SystemConfig.UpdateSystemConfig(Convert.ToInt32(sid), Value);
}
}
err.result = countSussed;
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("AddSystemConfig", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 删除餐品
/// </summary>
/// <param name="ID">餐品ID</param>
public static ReturnClass DeleteFood(int ID)
{
ReturnClass err = new ReturnClass();
try
{
err.result = DBConnection.FoodInfo.DeleteFoodInfo(ID);
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("DeleteFood", ex.ToString(), DateTime.Now);
}
return(err);
}
/// <summary>
/// 查询餐品总数
/// </summary>
public static ReturnClass SelectFoodDataNum()
{
ReturnClass err = new ReturnClass();
try
{
err.result = DBConnection.FoodInfo.SelectTotalFoodInfoDataNum();
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectFoodDataNum", ex.ToString(), DateTime.Now);
}
return(err);
}
/// <summary>
/// Order_修改状态
/// </summary>
/// <param name="OrderID">订单ID</param>
/// <param name="State">状态</param>
public static ReturnClass UpDateOrderState(string OrderID, int State)
{
ReturnClass err = new ReturnClass();
string[] strOrderID = OrderID.Split(',');
int CountRows = 0;
if (StaticInfo.hasNoZhuRu(OrderID))
{
try
{
foreach (string oid in strOrderID)
{
CountRows += DBConnection.OrderData.UpdateOrderState(oid, State);
}
err.result = CountRows;
if (Convert.ToInt32(err.result) > 0)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("UpdateOrderState", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// 创建一个Token
/// </summary>
/// <param name="jsonStr"></param>
/// <returns></returns>
public static ReturnClass CreatToken(string jsonStr)
{
ReturnClass rc = new ReturnClass();
try
{
JObject jObj = new JObject();
jObj = JObject.Parse(jsonStr);
if (string.IsNullOrEmpty(jObj["UserName"].ToString()) || string.IsNullOrEmpty(jObj["Password"].ToString()))
{
rc.Msg = "参数为空";
rc.Code = Code.ERR_Sign;
rc.Data = "";
return(rc);
}
string userName = jObj["UserName"].ToString(); //用户名
string password = StaticInfo.MD5Encrypt32(jObj["Password"].ToString()); //密码
//去数据库查询是否有合法
MySqlParameter[] sp = new MySqlParameter[2];
sp[0] = new MySqlParameter("@account", userName);
sp[1] = new MySqlParameter("@password", password);
var sqlselect1 = string.Format("select * from ws_system_admin where account=@account and pwd=@password");
//DataRow result=MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0].Rows[0];
//DataTable dtneed=MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0];
DataTable dataTable = MySqlHelper.GetDataSet(MySqlHelper.Conn, CommandType.Text, sqlselect1, sp).Tables[0];
if (dataTable.Rows.Count < 1)
{
rc.Msg = "用户名或密码错误";
rc.Code = Code.ERR_Sign;
rc.Data = "";
return(rc);
}
DataRow result = dataTable.Rows[0]; //MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0].Rows[0]; //SqlHelper.ExecuteDataRow( System.Data.CommandType.Text, "select * from [Base_Users] where UserName='******' and Password='******'");
if (result == null) //说明不存在
{
rc.Msg = "用户不存在";
rc.Code = Code.ERR_Sign;
rc.Data = "";
return(rc);
}
// //只要是一登陆先清除token
// MemoryCachingHelper._cache.Remove(result["UserID"].ToString());
// //先判断下缓存中是否存在 这个地方必须拿token去获取
// if(MemoryCachingHelper.Exists(result["UserID"].ToString()))
// {
// rc.Msg = "成功!";
// rc.Code = Code.SUCCED;
// rc.Data = (Token)MemoryCachingHelper.Get(result["UserID"].ToString());
// }
// else//不存在才会去生成Token
//登陆时先删除
var redisTokenFlag = result["id"].ToString() + result["account"].ToString();
if (RedisStaticHelper.Exists(redisTokenFlag))
{
//先删除
var jwtTokenStr = RedisStaticHelper.Get(redisTokenFlag);
RedisStaticHelper.Del(jwtTokenStr);
RedisStaticHelper.Del(redisTokenFlag);
}
{
//生成JWT
//生成token
Token tk = new Token();
tk.userName = result["account"].ToString();
tk.userID = result["id"].ToString();
tk.sub = "Client";
//距离上次登录的毫秒数
tk.Timestamp = Convert.ToString(DateTimeToStamp(DateTime.Now)); //DateTime.Now.ToString("yyyyMMddHHmmss");
//token生成规则 用户名 密码 时间戳 MD5加密
//tk.AccessToken = MD5Encrypt32(EmpID, password, tk.Timestamp);
//存一下token
DateTime UTC = DateTime.UtcNow;
Claim[] claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Sub, tk.sub), //Subject,
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), //JWT ID,JWT的唯一标识
new Claim(JwtRegisteredClaimNames.Iat, UTC.ToString(), ClaimValueTypes.Integer64), //Issued At,JWT颁发的时间,采用标准unix时间,用于验证过期
};
JwtSecurityToken jwt = new JwtSecurityToken(
issuer: "TianTao", //jwt签发者,非必须
audience: tk.userName, //jwt的接收该方,非必须
claims: claims, //声明集合
expires: UTC.AddHours(12), //指定token的生命周期,unix时间戳格式,非必须
signingCredentials: new Microsoft.IdentityModel.Tokens
.SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("RayPI's Secret Key")), SecurityAlgorithms.HmacSha256)); //使用私钥进行签名加密
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); //生成最后的JWT字符串
tk.AccessToken = encodedJwt;
// int count = SqlHelper.ExecuteNonQuery(System.Data.CommandType.Text, "update [Emp] set Token='" + tk.AccessToken + "' where EmpID='" + EmpID + "' and Pwd='" + password + "'");
// if (count < 1)
// {
// rc.Msg = "失败,重试";
// rc.Code = Code.SystemError;
// rc.Data = "";
// return rc;
// }
rc.Msg = "成功!";
rc.Code = Code.SUCCED;
rc.Data = tk;
//将token 存入缓存
//MemoryCachingHelper.addMemoryCache(tk.AccessToken,tk,new TimeSpan(0,10,0),new TimeSpan(0,10,0));
RedisStaticHelper.Set(tk.AccessToken, tk.ToJson());
RedisStaticHelper.Set(tk.userID + tk.userName, tk.AccessToken);
}
return(rc);
}
catch (Exception ex)
{
StaticInfo.Log(ex.ToString());
rc.Msg = "违反了中央八项纪律";
rc.Code = Code.SystemError;
rc.Data = "";
return(rc);
}
}
/// <summary>
/// Order_厨师查看自己的订单详情
/// </summary>
/// <param name="ShopID">店铺ID</param>
public static ReturnClass SelectTotalOrderDataFenCan(int ShopID)
{
////看一下当前时间应该是查看什么时间段的订餐
DateTime OrderTime = DateTime.Now;
int intTime = 0;
int intOrderTime = Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH"));
if (intOrderTime <= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")))//当日早餐
{
intTime = 1;
}
else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")))//当日午餐
{
intTime = 2;
}
else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")))//当日晚餐
{
intTime = 3;
}
else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")) && intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd24")))//明天早餐
{
OrderTime.AddDays(1);
intTime = 1;
}
ReturnClass err = new ReturnClass();
int thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));
if (StaticInfo.hasNoZhuRu("aa"))
{
try
{
if (intTime == 0)
{
int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00")); //开始的时间 2016082500
int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
}
else if (intTime == 1) //早餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
}
else if (intTime == 2) //午餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
}
else if (intTime == 3) //晚餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
}
DataTable dt1 = DBConnection.OrderInfo.SelectTotalFenCanNum(thisTime, ShopID);
DataTable dt2 = DBConnection.OrderInfo.SelectTotalFenCanNumBySongCanYuan(thisTime, ShopID);
dt1.Columns.Add("NumByYuanGong");
foreach (DataRow dr in dt1.Rows)
{
string s = "";
foreach (DataRow drr in dt2.Rows)
{
if (dr["FoodID"].ToString() == drr["FoodID"].ToString())
{
if (drr["YuanGongName"].ToString() != "")
{
s += drr["YuanGongName"].ToString() + ":" + drr["totalNum"].ToString() + "份 ";
}
else
{
s += "未知人" + ":" + drr["totalNum"].ToString() + "份 ";
}
}
}
dr["NumByYuanGong"] = s;
}
err.result = dt1;
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// Order_送餐员查看自己要送的订单
/// </summary>
/// <param name="intTime">哪个时间段的订餐 0:全天 1:早餐 2:午餐 3:晚餐</param>
/// <param name="State">订单的状态 0:未结束 1:已结束</param>
/// <param name="ShopID">店铺ID</param>
/// <param name="OrderTime">要查询的订单送餐时间</param>
/// where OrderTime = 2016082418 and y.YuanGongID = 2 and d.ShopID = 1 and d.State = 0
public static ReturnClass SelectTotalOrderDataSongCan(int intTime, int State, int ShopID, DateTime OrderTime, int YuanGongID)
{
ReturnClass err = new ReturnClass();
string sqlWhere = "where 1=1 and d.ShopID=" + Convert.ToString(ShopID) + " ";//where OrderTime = 2016082418 and y.YuanGongID = 2 and d.ShopID = 1 and d.State = 0
int thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));
if (StaticInfo.hasNoZhuRu("aa"))
{
try
{
if (intTime == 0)
{
int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00")); //开始的时间 2016082500
int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
sqlWhere += " and d.OrderTime between " + Btime + " and " + Etime + " ";
}
else if (intTime == 1) //早餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
}
else if (intTime == 2) //午餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
}
else if (intTime == 3) //晚餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
}
if (State != -1)
{
sqlWhere += " and d.State=" + Convert.ToString(State) + " ";
}
if (YuanGongID != -1)
{
sqlWhere += " and d.YuanGongID=" + Convert.ToString(YuanGongID) + " ";
}
err.result = DBConnection.OrderData.SelectTotalOrderDataSongCan(sqlWhere);
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// Order_厨师查看自己的订单详情
/// </summary>
/// /// <param name="intTime">哪个时间段的订餐 0:全天 1:早餐 2:午餐 3:晚餐</param>
/// <param name="State">订单的状态 0:未结束 1:已结束</param>
/// <param name="ShopID">店铺ID</param>
/// <param name="OrderTime">查询的日期</param>
/// <param name="Category">种类 1:肉类2:蔬菜类3:面食</param>
public static ReturnClass SelectTotalOrderInfoChuShi(int intTime, int State, int ShopID, DateTime OrderTime, int Category)
{
////看一下当前时间应该是查看什么时间段的订餐
OrderTime = DateTime.Now;
//int intOrderTime =Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH"));
//if(intOrderTime<Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")))//当日早餐
//{
// intTime = 1;
//}
//else if(intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06"))&& intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")))//当日午餐
//{
// intTime = 2;
//}
//else if (intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")))//当日晚餐
//{
// intTime = 3;
//}
//else if(intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18"))&& intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd24")))//明天早餐
//{
// OrderTime.AddDays(1);
// intTime = 1;
//}
ReturnClass err = new ReturnClass();
string sqlWhere = "where 1=1 and f.ShopID=" + Convert.ToString(ShopID) + " ";//where i.OrderTime =2016082418 and c.ID=1 and f.ShopID=1 and d.State=0
int thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));
if (StaticInfo.hasNoZhuRu("aa"))
{
try
{
if (intTime == 0)
{
int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00")); //开始的时间 2016082500
int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
sqlWhere += " and i.OrderTime between " + Btime + " and " + Etime + " ";
}
else if (intTime == 1) //早餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
}
else if (intTime == 2) //午餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
}
else if (intTime == 3) //晚餐
{
thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
}
if (State != -1)
{
sqlWhere += " and d.State=" + Convert.ToString(State) + " ";
}
if (Category != -1)
{
sqlWhere += " and c.ID=" + Convert.ToString(Category) + " ";
}
err.result = DBConnection.OrderInfo.SelectTotalOrderInfoChuShi(sqlWhere);
if (err.result != null)
{
err.Code = ErrorCode.SUSCCED;
}
else
{
err.Code = ErrorCode.FAIL;
}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
/// <summary>
/// Order插入数据
/// </summary>
/// <param name="Name">姓名</param>
/// <param name="Phone">电话</param>
/// <param name="Address">地址</param>
/// <param name="ShopID">商店ID</param>
/// <param name="List">订单详情</param>
/// <param name="OrderTime">预定时间</param>
/// <param name="OrderDate">预定日期</param>
///
/// 插入orderData 表->插入单品到orderInfo表->计算价格->返回清单给顾客->付款
/// list foodID num Price OrderTime 例如:1,红烧肉,2,30|3,尖椒炒鸡蛋,1,18
/// Address格式为 楼号层数,床号 例如:108,0812床 1号楼8楼,0812床号
public static ReturnClass AddOrder(string Name, string Phone, string Address, int ShopID, string List, string OrderTime, string OrderDate)
{
int YuanGongID = 0; //员工ID
int LouHao = Convert.ToInt32(Address.Split(',')[0]); //楼号
string ChuangHao = Address.Split(',')[1]; //床号
if (DBConnection.SystemConfig.SelectValueByConfigIDAndValue(1002, LouHao.ToString()) != null) //说明有值
{
//查询相应的送餐员ID
YuanGongID = Convert.ToInt32(DBConnection.SystemConfig.SelectValueByConfigIDAndValue(1002, LouHao.ToString()));
}
if (DBConnection.SystemConfig.SelectConfigNameByConfigIDAndName(1002, LouHao.ToString()) != null)//说明有值
{
//如果有这座楼,重新组建Address用中文的形式,理论上应该为 例: 门诊楼8楼,0828床
Address = DBConnection.SystemConfig.SelectConfigNameByConfigIDAndName(1002, LouHao.ToString()) + "," + ChuangHao;
}
else//没有这层
{
}
//处理一下订餐的日期和时间 日期处理成yyyyMMddHH00的int型,时间处理成yyyyMMdd(06|12|18)分别代表早餐 午餐 晚餐,方便比较大小
string[] date = OrderDate.Split('-');
int intOrderDate = Convert.ToInt32(date[0] + date[1] + date[2] + "00"); //当前订餐日期
int intOrderTime = intOrderDate + Convert.ToInt32(OrderTime); //当前订餐时间 格式2016090806 2016090812 2016090818
int intTimeNow = Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH")); //当前时间,为了判断订餐时间是否合法
ReturnClass err = new ReturnClass();
//判断订餐是否合法
if (intTimeNow > intOrderTime - 2)//说明超出了此次就餐时间
{
err.result = -2;
err.Code = ErrorCode.FAIL;
err.Msg = "订单添加失败了!原因是当前时间超过了预定时间!";
return(err);
}
if (StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Phone) && StaticInfo.hasNoZhuRu(Address) && StaticInfo.hasNoZhuRu(List)) //判断是否sql注入
{
string OrderID = StaticInfo.CreatOrderID(); //生成订单号
//拆分字符串 获取详细订单
string[] OrderInfoArray = List.Split('|');
int CountRow = 0; //成功插入的条数
string ListDetail = ""; //方便打印存储一下订单详情内容
decimal TotalPrice = 0.00M; //订单的总价格
//初始化一个表格 为了订单详情生成 逻辑为如果有一点数据不合法,那么这个datatable就=null,数据库不做任何处理
#region 初始化datatalbe
DataTable dtList = new DataTable("dtList");
DataColumn dtc = new DataColumn("FoodID", typeof(string));
dtList.Columns.Add(dtc);
dtc = new DataColumn("FoodName", typeof(string));
dtList.Columns.Add(dtc);
dtc = new DataColumn("Num", typeof(string));
dtList.Columns.Add(dtc);
dtc = new DataColumn("Price", typeof(string));
dtList.Columns.Add(dtc);
#endregion
try
{
if (OrderInfoArray != null)
{
foreach (string strOrderData in OrderInfoArray)
{
if (strOrderData == null || strOrderData == "")
{
continue;
}
else
{
string[] OrderData = strOrderData.Split(','); //订单详情通过','拆分成数组便于取值
int FoodID = Convert.ToInt32(OrderData[0]); //商品ID
string FoodName = Convert.ToString(OrderData[1]); //商品名称
int Num = Convert.ToInt32(OrderData[2]); //商品数量
decimal Price = Convert.ToDecimal(OrderData[3]); //单条商品的总价
DataTable dtNeed = DBConnection.FoodInfo.SelectFoodInfo(FoodID);
if (dtNeed != null && Num > 0 && Price > 0.00M) //说明这是合法的数据,只能为正数
{
FoodName = Convert.ToString(dtNeed.Rows[0]["FoodName"]); //商品名称
DataRow dr = dtList.NewRow();
dr["FoodID"] = Convert.ToString(FoodID); //ID
dr["FoodName"] = Convert.ToString(FoodName); //名称
dr["Num"] = Convert.ToString(Num); //数量
dr["Price"] = Convert.ToDecimal(Num) * Convert.ToDecimal(dtNeed.Rows[0]["Price"]); //总价
dtList.Rows.Add(dr);
}
else
{
dtList = null;
break;
}
}
}
if (dtList != null)
{
foreach (DataRow drr in dtList.Rows)
{
ListDetail += "品名:" + Convert.ToString(drr["FoodName"]) + " 数量:" + Convert.ToString(drr["Num"]) + " 价格:" + Convert.ToString(drr["Price"]) + "|"; //方便打印存储一下订单详情内容
TotalPrice += Convert.ToDecimal(drr["Price"]); //计算总价格
//CountRow += 1;// 成功插入的条数+1
}
//
if (DBConnection.OrderInfo.InsertOrderInfo(OrderID, dtList, intOrderTime, Convert.ToString(TotalPrice), DateTime.Now, Name, Phone
, Address, 0, YuanGongID, 0, 0, "", 1, ListDetail) > 0)
{
//说明订单生成成功了
err.result = 1;
err.Code = ErrorCode.SUSCCED;
err.Msg = "订单生成成功!";
}
else//说明失败了
{
err.result = 0;
err.Code = ErrorCode.FAIL;
err.Msg = "订单添加失败了!";
}
}
//if(dtList!=null)
//{
// foreach (DataRow drr in dtList.Rows)
// {
// if (DBConnection.OrderInfo.InsertOrderInfo(OrderID,Convert.ToInt32(drr["FoodID"]),Convert.ToInt32(drr["Num"]),Convert.ToDecimal(drr["Price"]), OrderTime) > 0) //说明插入成功了
// {
// ListDetail += "品名:" +Convert.ToString(drr["FoodName"]) + " 数量:" + Convert.ToString(drr["Num"]) + " 价格:" + Convert.ToString(drr["Price"]) + "|";//方便打印存储一下订单详情内容
// TotalPrice +=Convert.ToDecimal(drr["Price"]);//计算总价格
// CountRow += 1;// 成功插入的条数+1
// }
// }
//}
else
{
err.Code = ErrorCode.FAIL;
err.result = 0;
err.Msg = "添加订单的数量或者价格参数不合法!";
return(err);
}
}
else//说明订单中并没有商品详情
{
err.result = 0;
err.Code = ErrorCode.FAIL;
err.Msg = "请选择餐品加入订单,再提交订单!";
return(err);
}
//要查询今天当班的送餐员(待定也可能由管理员指定)
//if (CountRow == OrderInfoArray.Length)//这说明全部插入成功了
//{
// //添加一条新记录到OrderInfo表
// if (DBConnection.OrderData.InsertOrderData(OrderID, Convert.ToString(TotalPrice), DateTime.Now, Name, Phone, Address, 0, 0, 0, 0, "", 1, ListDetail, OrderTime) > 0)
// {
// //说明订单生成成功了
// err.result = 1;
// err.Code = ErrorCode.SUSCCED;
// err.Msg = "订单生成成功!";
// }
// else//说明失败了
// {
// err.result = 0;
// err.Code = ErrorCode.FAIL;
// err.Msg = "订单添加失败了!";
// }
//}
}
catch (Exception ex)
{
DBConnection.LogHelper.insertLogError("AddOrder", ex.ToString(), DateTime.Now);
}
}
else
{
err.result = 0;
err.Code = ErrorCode.ERR_ZHURU;
err.Msg = "sql注入!";
}
return(err);
}
