Beispiel #1
    //--------------//

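    /// <summary>
    /// Builds <c>FullName</c> from the upload directory configured in web.config
    /// (<c>PATH_UPLOAD_UM</c>) and the client-supplied <c>IMG</c> value, and resets the
    /// remaining file fields.
    /// </summary>
    /// <param name="queryParam">Request parameters; <c>IMG</c> is the file name sent by the client and is untrusted.</param>
    /// <exception cref="System.ArgumentException">The resolved path lies outside the upload directory.</exception>
    public UserProfile(Connector.QueryParameter queryParam)
    {
        //queryParam -> content from client
        string uploadRoot    = AMSCore.WebConfigReadKey("PATH_UPLOAD_UM"); //system path from web.config
        string requestedName = queryParam["IMG"].ToString();               //filename from client (untrusted)
        string combinedPath  = System.IO.Path.Combine(uploadRoot, requestedName);

        // Path.Combine discards uploadRoot when requestedName is rooted and keeps ".." segments,
        // so canonicalise the result and require that it stays inside the upload directory.
        string resolvedRoot = System.IO.Path.GetFullPath(uploadRoot).TrimEnd(
            System.IO.Path.DirectorySeparatorChar,
            System.IO.Path.AltDirectorySeparatorChar);
        string resolvedPath = System.IO.Path.GetFullPath(combinedPath).TrimEnd(
            System.IO.Path.DirectorySeparatorChar,
            System.IO.Path.AltDirectorySeparatorChar);

        // Case-insensitive comparison matches Windows file-system semantics.
        // NOTE(review): switch to Ordinal if this is ever deployed on a case-sensitive volume.
        bool isRootItself = resolvedPath.Equals(resolvedRoot, System.StringComparison.OrdinalIgnoreCase);
        bool isBelowRoot  = resolvedPath.StartsWith(
            resolvedRoot + System.IO.Path.DirectorySeparatorChar,
            System.StringComparison.OrdinalIgnoreCase);
        if (!isRootItself && !isBelowRoot)
        {
            throw new System.ArgumentException("The requested file is outside the upload directory.", "queryParam");
        }

        FullName        = combinedPath;
        FileName        = string.Empty;
        FileContentType = null;
        FileContent     = null;
    }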
Beispiel #2
    //--------------//

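    /// <summary>
    /// Builds <c>FullName</c> from the temporary directory configured in web.config
    /// (<c>TEMPORARY_PATH</c>) and the client-supplied <c>SAMPLE_PARAM</c> value with a
    /// <c>.zip</c> suffix, and sets the download file name.
    /// </summary>
    /// <param name="queryParam">Request parameters; <c>SAMPLE_PARAM</c> comes from the client and is untrusted.</param>
    /// <exception cref="System.ArgumentException">The resolved path lies outside the temporary directory.</exception>
    public Sample(Connector.QueryParameter queryParam)
    {
        //queryParam -> content from client
        string tempRoot      = AMSCore.WebConfigReadKey("TEMPORARY_PATH"); //system path from web.config
        string requestedName = queryParam["SAMPLE_PARAM"] + ".zip";        //filename from client (untrusted)
        string combinedPath  = System.IO.Path.Combine(tempRoot, requestedName);

        // Path.Combine discards tempRoot when requestedName is rooted and keeps ".." segments,
        // so canonicalise the result and require that it stays inside the temporary directory.
        string resolvedRoot = System.IO.Path.GetFullPath(tempRoot).TrimEnd(
            System.IO.Path.DirectorySeparatorChar,
            System.IO.Path.AltDirectorySeparatorChar);
        string resolvedPath = System.IO.Path.GetFullPath(combinedPath);

        // Case-insensitive comparison matches Windows file-system semantics.
        // NOTE(review): switch to Ordinal if this is ever deployed on a case-sensitive volume.
        bool isBelowRoot = resolvedPath.StartsWith(
            resolvedRoot + System.IO.Path.DirectorySeparatorChar,
            System.StringComparison.OrdinalIgnoreCase);
        if (!isBelowRoot)
        {
            throw new System.ArgumentException("The requested file is outside the temporary directory.", "queryParam");
        }

        FullName        = combinedPath;
        FileName        = "ทดสอบ_Download_Files.zip";
        FileContentType = null;
        FileContent     = null;
    }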
Beispiel #3
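    /// <summary>
    /// Builds the page's child controls: copies selected web.config values and the session's
    /// AUTHEN_TOKEN / CSRF_TOKEN into response cookies, disables caching, registers the script
    /// and style references, and emits an inline script that defines <c>window.appVersion</c>
    /// and <c>window.appServer</c> (server time difference, time zone, flags, session id and
    /// web.config values).
    /// </summary>
    protected override void CreateChildControls()
    {
        base.CreateChildControls();

        //assign HTML injection configuration.
        // These cookies only tell the client which input filtering to apply; no server-side
        // validation or encoding is visible in this method.
        List <string> webConfigToSetCookieList = new List <string>()
        {
            "PREVENT_HTML_INPUT",
            "ENCODE_HTML",
            "PREVENT_HTML_INPUT_CHAR_LIST"
        };

        foreach (string webConfigParam in webConfigToSetCookieList)
        {
            // NOTE(review): the Response.Cookies indexer is documented to create a missing cookie,
            // so the null branch is presumably never taken; kept as written.
            if (Response.Cookies[webConfigParam] == null)
            {
                HttpCookie cookie = new HttpCookie(webConfigParam);
                cookie.Value = AMSCore.WebConfigReadKey(webConfigParam);
                Response.Cookies.Add(cookie);
            }
            else
            {
                Response.Cookies[webConfigParam].Value = AMSCore.WebConfigReadKey(webConfigParam);
            }
        }

        //assign authentication token for checking authentication.
        // NOTE(review): this cookie is created without HttpOnly or Secure. If client script does not
        // need to read it, set HttpOnly = true, and set Secure = true when the site is HTTPS-only.
        if (Session["AUTHEN_TOKEN"] != null)
        {
            HttpCookie authenTokenCookie = new HttpCookie("AUTHEN_TOKEN");
            authenTokenCookie.Value = Session["AUTHEN_TOKEN"].ToString();
            Response.Cookies.Add(authenTokenCookie);
        }

        //assign CSRF token for checking form sending from across domain.
        // NOTE(review): created without Secure; confirm whether script must read it before adding HttpOnly.
        if (Session["CSRF_TOKEN"] != null)
        {
            HttpCookie csrfTokenCookie = new HttpCookie("CSRF_TOKEN");
            csrfTokenCookie.Value = Session["CSRF_TOKEN"].ToString();
            Response.Cookies.Add(csrfTokenCookie);
        }

        Response.Cache.SetNoStore();

        InsertMeta();

        Connector.QueryParameter requestParameter = new Connector.QueryParameter(Request);

        string cssDojoUrl = AMSCore.WebConfigReadKey("CSS_DOJO");
        string cssEsriUrl = AMSCore.WebConfigReadKey("CSS_ESRI");

        string jsAmosUrl  = AMSCore.WebConfigReadKey("JS_AMOS_URL");
        string cssAmosUrl = AMSCore.WebConfigReadKey("CSS_AMOS");

        // Insert Script Tags (reverse seq.)
        // last --> first
        InsertScriptSrc(AMSCore.WebConfigReadKey("CONFIG_ESRI") + appCacheBust);
        InsertScriptSrc(AMSCore.WebConfigReadKey("JS_API_URL") + appCacheBust);

        InitializeDojoConfig(requestParameter);

        // A protocol-relative URL is prefixed with the page's protocol at run time in the browser.
        if (jsAmosUrl.StartsWith("//"))
        {
            jsAmosUrl = "location.protocol + '" + jsAmosUrl + "'";
        }
        else
        {
            jsAmosUrl = "'" + jsAmosUrl + "'";
        }
        InsertScriptTag("dojoConfig.packages.push({'name': 'esrith', 'location': " + jsAmosUrl + "});");


        InsertScriptSrc(AMSCore.WebConfigReadKey("CONFIG_DOJO") + appCacheBust);

        // Insert Style Tags (forward seq.)
        // first --> last
        InsertStyleTag(
            string.Format("@import '{0}';", cssDojoUrl + appCacheBust) + "\r\n" +
            string.Format("@import '{0}';", cssEsriUrl + appCacheBust) + "\r\n" +
            string.Format("@import '{0}';", cssAmosUrl + appCacheBust)
            );

        long   timeDiff = 0;
        double timezone = 0;

        // The database clock is queried only when IS_DEBUG is "0". dbResult stays null when the
        // query fails or the provider is neither Oracle nor MSSQL; the web server's local clock
        // is then used instead of dereferencing a null result.
        Connector.QueryResult dbResult = null;
        if (AMSCore.WebConfigReadKey("IS_DEBUG") == "0")
        {
            Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
            try
            {
                if (dbConnector.Provider == Connector.ProviderFactory.Oracle)
                {
                    dbResult = dbConnector.ExecuteStatement("select sysdate as CURRENT_DATE, dbtimezone as TIMEOFFSET from dual");
                }
                else if (dbConnector.Provider == Connector.ProviderFactory.MSSQL)
                {
                    dbResult = dbConnector.ExecuteStatement("select getdate() as CURRENT_DATE, datediff(minute, convert(time, sysutcdatetime()), convert(time, sysdatetimeoffset())) as TIMEOFFSET");
                }
            }
            catch
            {
                // Best effort: a failed clock query must not break page rendering.
                dbResult = null;
            }
        }

        if (dbResult != null && dbResult.Success == true && dbResult.DataTable != null && dbResult.DataTable.Rows.Count > 0)
        {
            timeDiff = AMSCore.DateTimeToUnixTimeStamp((dbResult.DataTable.Rows[0]["CURRENT_DATE"] as DateTime?).Value);
            string timeOffset = dbResult.DataTable.Rows[0]["TIMEOFFSET"].ToString();
            // A signed "HH:mm" offset is converted to minutes with the sign inverted;
            // any other value is parsed as a number of minutes as-is.
            if (timeOffset.StartsWith("+"))
            {
                timezone = double.Parse("-" + AMSCore.StringToDateTime(timeOffset.Substring(1), "HH:mm").TimeOfDay.TotalMinutes.ToString());
            }
            else if (timeOffset.StartsWith("-"))
            {
                timezone = double.Parse("+" + AMSCore.StringToDateTime(timeOffset.Substring(1), "HH:mm").TimeOfDay.TotalMinutes.ToString());
            }
            else
            {
                timezone = double.Parse(timeOffset);
            }
        }
        else
        {
            TimeZone localZone     = TimeZone.CurrentTimeZone;
            DateTime currentDate   = DateTime.Now;
            TimeSpan currentOffset = localZone.GetUtcOffset(currentDate);
            timeDiff = AMSCore.DateTimeToUnixTimeStamp(currentDate, -currentOffset.TotalMinutes);
            timezone = currentOffset.TotalMinutes * -1;
        }

        //Dictionary<string, object> sessionObject = new Dictionary<string, object>();
        //Dictionary<string, object> sessionObject2 = null;
        System.Web.Script.Serialization.JavaScriptSerializer serialization = new System.Web.Script.Serialization.JavaScriptSerializer();
        StringBuilder txtScript = new StringBuilder();

        // NOTE(review): the values below are concatenated into single-quoted JavaScript literals
        // without escaping; they come from configuration and the session, not from the request.
        txtScript.AppendLine("try{");

        txtScript.AppendLine("Object.defineProperty(window,'appVersion',{value:'" + appVersion + "'});");
        txtScript.AppendLine("Object.defineProperty(window,'appServer',{value:{}});");
        txtScript.AppendLine("Object.defineProperty(appServer,'timeDiff',{value:" + timeDiff + " - new Date().getTime()});");
        txtScript.AppendLine("Object.defineProperty(appServer,'timeZone',{value:" + timezone + "});");
        txtScript.AppendLine("Object.defineProperty(appServer,'isDebug',{value:'" + AMSCore.WebConfigReadKey("IS_DEBUG") + "'});");
        txtScript.AppendLine("Object.defineProperty(appServer,'isEncrypt',{value:'" + AMSCore.WebConfigReadKey("IS_ENCRYPT") + "'});");
        // NOTE(review): writing the session id into page script makes it readable by any script
        // running in the page, regardless of HttpOnly on the session cookie.
        txtScript.AppendLine("Object.defineProperty(appServer,'sessionId',{value:'" + Session.SessionID + "'});");

        Dictionary <string, object> webConfigObject = new Dictionary <string, object>();

        // NOTE(review): every key returned by AMSCore.WebConfigKeys() is sent to the browser.
        // Confirm that list excludes server-only settings (paths, credentials, key material),
        // or publish an explicit allow-list instead.
        txtScript.AppendLine("Object.defineProperty(appServer,'webConfig',{value:{}});");
        foreach (string keyConfig in AMSCore.WebConfigKeys())
        {
            webConfigObject.Add(keyConfig, AMSCore.WebConfigReadKey(keyConfig));
            txtScript.AppendLine(string.Format(@"Object.defineProperty(appServer.webConfig,'{0}',{1});", keyConfig, serialization.Serialize(new Dictionary <string, object>()
            {
                { "value", AMSCore.WebConfigReadKey(keyConfig) }
            })));
        }
        // Fallback for browsers where Object.defineProperty fails: plain assignment of the same data.
        txtScript.AppendLine("}catch(err){");
        txtScript.AppendLine("window.appVersion = '" + appVersion + "'");
        txtScript.AppendLine("window.appServer = {");
        txtScript.AppendLine("'timeDiff':" + timeDiff + " - new Date().getTime(),");
        txtScript.AppendLine("'timeZone':" + timezone + ",");
        txtScript.AppendLine("'isDebug':'" + AMSCore.WebConfigReadKey("IS_DEBUG") + "',");
        txtScript.AppendLine("'isEncrypt':'" + AMSCore.WebConfigReadKey("IS_ENCRYPT") + "',");
        txtScript.AppendLine("'sessionId':'" + Session.SessionID + "',");
        txtScript.AppendLine("'webConfig':" + serialization.Serialize(webConfigObject));
        txtScript.AppendLine("};");
        txtScript.AppendLine("}");

        //string onCloseBrowserScript = @"
        //    window.onbeforeunload = function (event)
        //    {
        //        try
        //        {
        //            var request = new XMLHttpRequest();
        //            request.open('POST','{logoutURLPath}',false);
        //            request.setRequestHeader('content-type','application/x-www-form-urlencoded');
        //            request.timeout = 4000;
        //            request.send('');
        //        }
        //        catch(err)
        //        {
        //        }
        //    };
        //";

        //string logoutURLPath = HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) + ResolveUrl("~/?p=logout");
        //onCloseBrowserScript = onCloseBrowserScript.Replace("{logoutURLPath}", logoutURLPath);

        //txtScript.AppendLine(onCloseBrowserScript);

        InsertScriptTag(txtScript.ToString());
    }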
Beispiel #4
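        /// <summary>
        /// Executes a SQL statement, binds the values of <paramref name="queryParam"/> to the
        /// command's parameters by position, and collects result sets and output parameters
        /// into a <see cref="QueryResult"/>. Failures are logged and returned as a
        /// <see cref="QueryResult"/> built from the exception rather than thrown.
        /// </summary>
        /// <param name="statement">
        /// SQL text passed to <c>CreateCommand</c> as given. Callers should pass constant SQL and
        /// supply values through <paramref name="queryParam"/>, never by concatenating them here.
        /// </param>
        /// <param name="queryParam">Values to bind, in key order; may be null.</param>
        /// <returns>The query result, or an error result when an exception occurred.</returns>
        public QueryResult ExecuteStatement(string statement, QueryParameter queryParam)
        {
            // Created before the try block so the catch handler can always append to it.
            StringBuilder    logString = new StringBuilder();
            QueryResult      qResult   = null;
            IDbCommand       dbCommand = null;
            IDataReader      dbReader  = null;
            IDbDataParameter dbParam   = null;
            DataTable        dt        = null;
            string           paramName = string.Empty;
            int cursorNum = 1;

            // queryParam is optional, so the logging code must not dereference it blindly.
            bool hasFunctionId = queryParam != null
                                 && queryParam.Parameter != null
                                 && queryParam.Parameter.ContainsKey("FN_ID");

            try
            {
                if (_dbConnection == null)
                {
                    // _exceptionTemporary may itself be null; report without the cause in that case.
                    if (_exceptionTemporary != null)
                    {
                        throw new Exception(string.Format("ไม่สามารถโหลด assembly {0} ได้เนื่องจาก\r\n{1}", _assemblyName, _exceptionTemporary.GetBaseException().Message));
                    }
                    throw new Exception(string.Format("ไม่สามารถโหลด assembly {0} ได้", _assemblyName));
                }
                _dbConnection.ConnectionString = _connectionString;
                qResult = new QueryResult();
                if (_dbConnection.State != ConnectionState.Open)
                {
                    _dbConnection.Open();
                }
                dbCommand = CreateCommand(statement);
                if (queryParam != null && queryParam.Parameter != null)
                {
                    // Positional binding: stop at whichever list is shorter. The bound must be
                    // strict, because ElementAt(i) throws when i equals the key count.
                    int bindCount = Math.Min(dbCommand.Parameters.Count, queryParam.Parameter.Count);
                    for (int i = 0; i < bindCount; i++)
                    {
                        dbParam       = dbCommand.Parameters[i] as IDbDataParameter;
                        dbParam.Value = queryParam.Parameter[queryParam.Parameter.Keys.ElementAt(i)];
                    }
                }

                // The loop relies on the reader reporting IsClosed once DataTable.Load has
                // consumed the last result set. The first set becomes DataTable, later ones
                // are exposed as output params "data2", "data3", ...
                dbReader = dbCommand.ExecuteReader();
                while (!dbReader.IsClosed)
                {
                    dt = new DataTable();
                    dt.Load(dbReader);
                    if (cursorNum == 1)
                    {
                        qResult.DataTable = dt;
                    }
                    else
                    {
                        qResult.AddOutputParam("data" + cursorNum, Util.DataTableToDictionary(dt, _dateTimeFormat, _cultureInfo));
                    }
                    cursorNum++;
                }
                for (int i = 0; i < dbCommand.Parameters.Count; i++)
                {
                    dbParam = dbCommand.Parameters[i] as IDbDataParameter;
                    if (!dbParam.Direction.Equals(ParameterDirection.Output))
                    {
                        continue;
                    }
                    paramName = dbParam.ParameterName;
                    if (_paramNamePrefix.Length > 0)
                    {
                        paramName = paramName.Replace(_paramNamePrefix, string.Empty);
                    }
                    if (!_reservedOutputName.Contains(paramName.ToUpper()))
                    {
                        // Ordinary output parameter: strip the output marker and copy the value.
                        paramName = paramName.Replace(_outputReplace, string.Empty);
                        if (dbParam.Value == null || System.DBNull.Value.Equals(dbParam.Value))
                        {
                            qResult.AddOutputParam(paramName, dbParam.Value);
                        }
                        else if (dbParam.Value is DateTime)
                        {
                            qResult.AddOutputParam(paramName, Util.DateTimeToString((dbParam.Value as DateTime?)));
                        }
                        else if (dbParam.Value is IDataReader)
                        {
                            dt = new DataTable();
                            dt.Load(dbParam.Value as IDataReader);
                            qResult.AddOutputParam(paramName.ToLower(), Util.DataTableToDictionary(dt, _dateTimeFormat, _cultureInfo));
                        }
                        else
                        {
                            qResult.AddOutputParam(paramName, dbParam.Value);
                        }
                    }
                    // Reserved names map onto dedicated QueryResult members.
                    else if (paramName.Equals("PO_DATA"))
                    {
                        dt = new DataTable();
                        dt.Load(dbParam.Value as IDataReader);
                        qResult.DataTable = dt;
                    }
                    else if (paramName.Equals("PO_TOTAL"))
                    {
                        if (!string.IsNullOrEmpty(dbParam.Value.ToString()))
                        {
                            qResult.Total = int.Parse(dbParam.Value.ToString());
                        }
                    }
                    else if (paramName.Equals("PO_STATUS"))
                    {
                        qResult.Success = dbParam.Value.ToString().Equals("1");
                    }
                    else if (paramName.Equals("PO_STATUS_MSG"))
                    {
                        qResult.Message = dbParam.Value.ToString();
                    }
                }

                // NOTE(review): FN_ID is written to the log as received; if it can come from the
                // request, strip line breaks before logging so entries cannot be forged.
                logString.AppendLine("<LOGFUNCTION>");
                if (hasFunctionId)
                {
                    logString.AppendLine(string.Format("{0}", queryParam.Parameter["FN_ID"]));
                }
                logString.AppendLine("</LOGFUNCTION>");

                if (qResult.Success != true)
                {
                    logString.AppendLine(string.Format("{0}", qResult.Message));

                    logString.AppendLine("<LOGSESSION>");
                    logString.Append(LogSession());
                    logString.AppendLine("</LOGSESSION>");

                    logString.AppendLine("!!! Error !!!");
                    Util.WriteLogError(logString.ToString());
                }
                else
                {
                    logString.AppendLine("<LOGSESSION>");
                    logString.Append(LogSession());
                    logString.AppendLine("</LOGSESSION>");

                    logString.AppendLine("!!! Completed !!!");
                    Util.WriteLogInfo(logString.ToString());
                    //Util.WriteLogDebug(qResult.ToJson());
                }
            }
            catch (Exception ex)
            {
                // Convert the failure into an error result; nothing here may throw again,
                // otherwise the caller would receive an exception instead of the result.
                qResult = new QueryResult(ex);
                logString.AppendLine(string.Format("{0}", qResult.Message));
                logString.AppendLine("<LOGFUNCTION>");
                if (hasFunctionId)
                {
                    logString.AppendLine(string.Format("{0}", queryParam.Parameter["FN_ID"]));
                }
                logString.AppendLine("</LOGFUNCTION>");
                logString.AppendLine("<LOGSESSION>");
                logString.Append(LogSession());
                logString.AppendLine("</LOGSESSION>");
                logString.AppendLine("!!! Error !!!");
                Util.WriteLogError(logString.ToString(), ex);
            }
            finally
            {
                if (_dbConnection != null && _dbConnection.State == ConnectionState.Open)
                {
                    _dbConnection.Close();
                }
            }
            return(qResult);
        }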
Beispiel #5
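        /// <summary>
        /// Executes a stored procedure through a command built by <c>CreateCommand</c> and
        /// collects result sets and output parameters into a <see cref="QueryResult"/>.
        /// Failures are logged and returned as a <see cref="QueryResult"/> built from the
        /// exception rather than thrown.
        /// </summary>
        /// <param name="storeName">Name of the stored procedure.</param>
        /// <param name="queryParam">Input values for the procedure; may be null.</param>
        /// <returns>The query result, or an error result when an exception occurred.</returns>
        public QueryResult ExecuteStoredProcedure(string storeName, QueryParameter queryParam)
        {
            // Created before the try block so the catch handler can always append to it.
            StringBuilder    logString = new StringBuilder();
            QueryResult      qResult   = null;
            IDbCommand       dbCommand = null;
            IDataReader      dbReader  = null;
            IDbDataParameter dbParam   = null;
            //IDbTransaction dbTrans = null;
            DataTable dt        = null;
            string    paramName = string.Empty;
            int       cursorNum = 1;

            // queryParam is optional, so the logging code must not dereference it blindly.
            bool hasFunctionId = queryParam != null
                                 && queryParam.Parameter != null
                                 && queryParam.Parameter.ContainsKey("FN_ID");

            try
            {
                logString.AppendLine(string.Format("\tSP: {0}", storeName));
                if (_dbConnection == null)
                {
                    if (_exceptionTemporary != null)
                    {
                        throw new Exception(string.Format("ไม่สามารถโหลด assembly {0} ได้เนื่องจาก\r\n{1}", _assemblyName, _exceptionTemporary.GetBaseException().Message));
                    }
                    else
                    {
                        throw new Exception(string.Format("ไม่สามารถโหลด assembly {0} ได้", _assemblyName));
                    }
                }
                _dbConnection.ConnectionString = _connectionString;
                if (_provider.Equals(ProviderFactory.MySQL))
                {
                    throw new Exception("Provider ไม่รองรับการ Execute โดยใช้ StoredProcedure");
                }
                if (_dbConnection.State != ConnectionState.Open)
                {
                    _dbConnection.Open();
                }
                qResult   = new QueryResult();
                dbCommand = CreateCommand(storeName, queryParam, ref logString);
                //dbTrans = _dbConnection.BeginTransaction();
                if (_provider == ProviderFactory.MSSQL)
                {
                    // The loop relies on the reader reporting IsClosed once DataTable.Load has
                    // consumed the last result set. The first set becomes DataTable, later ones
                    // are exposed as output params "data2", "data3", ...
                    dbReader = dbCommand.ExecuteReader();
                    while (!dbReader.IsClosed)
                    {
                        dt = new DataTable();
                        dt.Load(dbReader);
                        if (cursorNum == 1)
                        {
                            qResult.DataTable = dt;
                        }
                        else
                        {
                            qResult.AddOutputParam("data" + cursorNum, Util.DataTableToDictionary(dt, _dateTimeFormat, _cultureInfo));
                        }
                        cursorNum++;
                    }
                }
                else
                {
                    // Other providers return their data through output parameters only.
                    dbCommand.ExecuteNonQuery();
                }
                for (int i = 0; i < dbCommand.Parameters.Count; i++)
                {
                    dbParam = dbCommand.Parameters[i] as IDbDataParameter;
                    if (!dbParam.Direction.Equals(ParameterDirection.Output))
                    {
                        continue;
                    }
                    paramName = dbParam.ParameterName;
                    if (_paramNamePrefix.Length > 0)
                    {
                        paramName = paramName.Replace(_paramNamePrefix, string.Empty);
                    }
                    if (!_reservedOutputName.Contains(paramName.ToUpper()))
                    {
                        // Ordinary output parameter: strip the output marker and copy the value.
                        paramName = paramName.Replace(_outputReplace, string.Empty);
                        if (dbParam.Value == null || System.DBNull.Value.Equals(dbParam.Value))
                        {
                            qResult.AddOutputParam(paramName, dbParam.Value);
                        }
                        else if (dbParam.Value is DateTime)
                        {
                            qResult.AddOutputParam(paramName, Util.DateTimeToString((dbParam.Value as DateTime?)));
                        }
                        else if (dbParam.Value is IDataReader)
                        {
                            dt = new DataTable();
                            if (dbParam.Value != System.DBNull.Value)
                            {
                                dt.Load(dbParam.Value as IDataReader);
                            }
                            qResult.AddOutputParam(paramName.ToLower(), Util.DataTableToDictionary(dt, _dateTimeFormat, _cultureInfo));
                        }
                        else
                        {
                            // Names starting with "NT_" go to the separate NT parameter collection.
                            if (paramName.IndexOf("NT_") == 0)
                            {
                                qResult.AddNTParam(paramName, dbParam.Value);
                            }
                            else
                            {
                                qResult.AddOutputParam(paramName, dbParam.Value);
                            }
                        }
                    }
                    // Reserved names map onto dedicated QueryResult members.
                    else if (paramName.Equals("PO_DATA"))
                    {
                        dt = new DataTable();
                        if (dbParam.Value != System.DBNull.Value)
                        {
                            dt.Load(dbParam.Value as IDataReader);
                        }
                        qResult.DataTable = dt;
                    }
                    else if (paramName.Equals("PO_TOTAL"))
                    {
                        if (!string.IsNullOrEmpty(dbParam.Value.ToString()))
                        {
                            qResult.Total = int.Parse(dbParam.Value.ToString());
                        }
                    }
                    else if (paramName.Equals("PO_STATUS"))
                    {
                        qResult.Success = dbParam.Value.ToString().Equals("1");
                    }
                    else if (paramName.Equals("PO_STATUS_MSG"))
                    {
                        qResult.Message = dbParam.Value.ToString();
                    }
                }

                // NOTE(review): FN_ID is written to the log as received; if it can come from the
                // request, strip line breaks before logging so entries cannot be forged.
                logString.AppendLine("<LOGFUNCTION>");
                if (hasFunctionId)
                {
                    logString.AppendLine(string.Format("{0}", queryParam.Parameter["FN_ID"]));
                }
                logString.AppendLine("</LOGFUNCTION>");


                if (qResult.Success != true)
                {
                    logString.AppendLine(string.Format("{0}", qResult.Message));

                    logString.AppendLine("<LOGSESSION>");
                    logString.Append(LogSession());
                    logString.AppendLine("</LOGSESSION>");

                    logString.AppendLine("!!! Error !!!");
                    Util.WriteLogError(logString.ToString());
                }
                else
                {
                    logString.AppendLine("<LOGSESSION>");
                    logString.Append(LogSession());
                    logString.AppendLine("</LOGSESSION>");

                    logString.AppendLine("!!! Completed !!!");
                    Util.WriteLogInfo(logString.ToString());
                    //Util.WriteLogDebug(qResult.ToJson());
                }
                //try
                //{
                //    dbTrans.Commit();
                //}
                //catch { }
            }
            catch (Exception ex)
            {
                //try
                //{
                //    dbTrans.Rollback();
                //}
                //catch { }

                // Convert the failure into an error result; nothing here may throw again,
                // otherwise the caller would receive an exception instead of the result.
                qResult = new QueryResult(ex);
                logString.AppendLine(string.Format("{0}", qResult.Message));

                logString.AppendLine("<LOGFUNCTION>");
                if (hasFunctionId)
                {
                    logString.AppendLine(string.Format("{0}", queryParam.Parameter["FN_ID"]));
                }
                logString.AppendLine("</LOGFUNCTION>");

                logString.AppendLine("<LOGSESSION>");
                logString.Append(LogSession());
                logString.AppendLine("</LOGSESSION>");

                logString.AppendLine("!!! Error !!!");
                // Pass the exception along so the error log keeps the stack trace,
                // as ExecuteStatement does.
                Util.WriteLogError(logString.ToString(), ex);
            }
            finally
            {
                //try
                //{
                //    dbTrans.Dispose();
                //    dbTrans = null;
                //}
                //catch { }
                if (_dbConnection != null && _dbConnection.State == ConnectionState.Open)
                {
                    _dbConnection.Close();
                    _dbConnection.Dispose();
                }
            }
            return(qResult);
        }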
Beispiel #6
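        /// <summary>
        /// Creates a stored-procedure command, derives its parameters from the database and fills
        /// the input parameters from <paramref name="queryParam"/>. Each input parameter is also
        /// appended to <paramref name="logString"/>; names listed in the <c>PARAMETER_ENCRYPT</c>
        /// app setting are masked in that log.
        /// </summary>
        /// <param name="storeName">Name of the stored procedure.</param>
        /// <param name="queryParam">Input values keyed by upper-case parameter name; may be null.</param>
        /// <param name="logString">Log buffer that receives one line per input parameter.</param>
        /// <returns>The command, ready to execute.</returns>
        protected IDbCommand CreateCommand(string storeName, QueryParameter queryParam, ref StringBuilder logString)
        {
            // No try/catch wrapper: the previous "throw ex;" only reset the stack trace.
            if (_dbConnection.State != ConnectionState.Open)
            {
                _dbConnection.Open();
            }

            IDbCommand dbCommand = _dbConnection.CreateCommand();
            dbCommand.CommandType = CommandType.StoredProcedure;
            dbCommand.CommandText = storeName;
            if (_provider.Equals(ProviderFactory.Oracle))
            {
                // Set through reflection because the provider type is only known at run time.
                var oracleCommandBindByName = _commandType.GetProperty("BindByName");
                oracleCommandBindByName.SetValue(dbCommand, true, null);
            }

            // NOTE(review): masking is skipped when IS_DEBUG is "1", so every parameter value is
            // logged in clear text in debug mode; keep debug mode away from production data.
            string[] encParameter  = null;
            string   maskedSetting = System.Configuration.ConfigurationManager.AppSettings["PARAMETER_ENCRYPT"];
            if (System.Configuration.ConfigurationManager.AppSettings["IS_DEBUG"] != "1" && !string.IsNullOrEmpty(maskedSetting))
            {
                encParameter = maskedSetting.Split('|');
            }

            _commandBuilderType.GetMethod("DeriveParameters").Invoke(null, new object[] { dbCommand });
            for (int i = 0; i < dbCommand.Parameters.Count; i++)
            {
                IDbDataParameter dbParam = dbCommand.Parameters[i] as IDbDataParameter;
                switch (dbParam.Direction)
                {
                    case ParameterDirection.Input:
                    {
                        bool loggedAsDate = false;
                        if (queryParam != null && queryParam.Parameter != null)
                        {
                            // Strip everything up to and including the input marker from the name.
                            string paramName  = dbParam.ParameterName;
                            int    markerAt   = paramName.IndexOf(_inputReplace);
                            if (markerAt != -1)
                            {
                                paramName = paramName.Substring(markerAt + _inputReplace.Length);
                            }

                            // Look up with the same upper-case key that is tested; reading with the
                            // original casing could miss the entry that ContainsKey just found.
                            object paramValue = null;
                            string lookupKey  = paramName.ToUpper();
                            if (queryParam.Parameter.ContainsKey(lookupKey))
                            {
                                paramValue = queryParam.Parameter[lookupKey];
                            }

                            // Parentheses spell out the precedence the original expression already had.
                            // NOTE(review): when only the right-hand test is true and paramValue is null,
                            // the parameter keeps its existing value - confirm that is intended.
                            bool isDateParam = (paramValue != null && Util.DBTypeMap(dbParam.DbType).Equals(typeof(DateTime)))
                                               || dbParam.Value is DateTime;
                            if (isDateParam)
                            {
                                if (paramValue is string)
                                {
                                    dbParam.Value = Util.StringToDateTime(paramValue.ToString());
                                }
                                else if (paramValue is int)
                                {
                                    dbParam.Value = Util.UnixTimeStampToDateTime(int.Parse(paramValue.ToString())).AddMinutes(TimeZoneOffset);
                                }
                                else if (paramValue is long)
                                {
                                    dbParam.Value = Util.UnixTimeStampToDateTime(long.Parse(paramValue.ToString())).AddMinutes(TimeZoneOffset);
                                }

                                if (_provider == ProviderFactory.MSSQL)
                                {
                                    logString.AppendLine(string.Format("{0}: PARSE('{1}' as DATETIME USING 'th-TH')", dbParam.ParameterName, Util.DateTimeToString(dbParam.Value as DateTime?)));
                                }
                                else if (_provider == ProviderFactory.Oracle)
                                {
                                    logString.AppendLine(string.Format("{0}: TO_DATE('{1}','DD/MM/YYYY HH24:MI:SS','NLS_DATE_LANGUAGE=THAI')", dbParam.ParameterName, Util.DateTimeToString(dbParam.Value as DateTime?)));
                                }

                                // Date parameters have their own log format; skip the generic line below.
                                loggedAsDate = true;
                            }
                            else if (paramValue != null)
                            {
                                // An empty string is only assigned to string parameters; for other
                                // types the parameter is left as derived.
                                if (dbParam.DbType == DbType.String || !string.IsNullOrEmpty(paramValue.ToString()))
                                {
                                    dbParam.Value = paramValue;
                                }
                            }
                            else
                            {
                                dbParam.Value = System.DBNull.Value;
                            }
                        }

                        if (!loggedAsDate)
                        {
                            object logValue = dbParam.Value;
                            if (encParameter != null && encParameter.Contains(dbParam.ParameterName.Replace(_inputReplace, "").ToUpper()))
                            {
                                logValue = "-- Secured Field --";
                            }
                            logString.AppendLine(string.Format("{0}: {1}", dbParam.ParameterName, logValue));
                        }
                        break;
                    }

                    case ParameterDirection.InputOutput:
                    case ParameterDirection.Output:
                        // In/out parameters are treated as output-only.
                        dbParam.Direction = ParameterDirection.Output;
                        break;

                    //paramName = dbParam.ParameterName.Substring(dbParam.ParameterName.IndexOf(_outputReplace) + _outputReplace.Length);
                    //break;
                    default:
                        break;
                }
            }
            return(dbCommand);
        }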