//************************************************************************** /// <Description> /// This method uses to get rows inside the group /// </Description> /// <Inputs> /// GroupID /// </Inputs> /// <Outputs> /// row /// </Outputs> /// <Returns> /// array /// </Returns> /// <Authors> /// DungLA /// </Authors> /// <History> /// 30 - Dec - 2004 /// 12/Oct/2005 Thachnn: fix bug injection /// </History> /// <Notes> /// </Notes> //************************************************************************** public ArrayList GetObjectVOs(string pstrGroupID) { ArrayList arrObjects = new ArrayList(); const string METHOD_NAME = THIS + ".GetObjectVOs()"; string strSql = "SELECT " + sys_ReportAndGroupTable.REPORTANDGROUPID_FLD + "," + sys_ReportAndGroupTable.GROUPID_FLD + "," + sys_ReportAndGroupTable.REPORTID_FLD + "," + sys_ReportAndGroupTable.REPORTORDER_FLD + " FROM " + sys_ReportAndGroupTable.TABLE_NAME + " WHERE " + sys_ReportAndGroupTable.GROUPID_FLD + "= ? " + " ORDER BY " + sys_ReportAndGroupTable.REPORTORDER_FLD; OleDbDataReader odrPCS = null; OleDbConnection oconPCS = null; OleDbCommand ocmdPCS = null; try { Utils utils = new Utils(); oconPCS = new OleDbConnection(Utils.Instance.OleDbConnectionString); ocmdPCS = new OleDbCommand(strSql, oconPCS); ocmdPCS.Parameters.Add(new OleDbParameter(sys_ReportAndGroupTable.GROUPID_FLD, OleDbType.VarWChar)); ocmdPCS.Parameters[sys_ReportAndGroupTable.GROUPID_FLD].Value = pstrGroupID; ocmdPCS.Connection.Open(); odrPCS = ocmdPCS.ExecuteReader(); while (odrPCS.Read()) { sys_ReportAndGroupVO objAndVO = new sys_ReportAndGroupVO(); objAndVO.ReportAndGroupID = odrPCS[sys_ReportAndGroupTable.REPORTANDGROUPID_FLD].ToString().Trim(); objAndVO.GroupID = odrPCS[sys_ReportAndGroupTable.GROUPID_FLD].ToString().Trim(); objAndVO.ReportID = odrPCS[sys_ReportAndGroupTable.REPORTID_FLD].ToString().Trim(); objAndVO.ReportOrder = int.Parse(odrPCS[sys_ReportAndGroupTable.REPORTORDER_FLD].ToString().Trim()); arrObjects.Add(objAndVO); } arrObjects.TrimToSize(); return(arrObjects); } catch (OleDbException ex) { throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex); } catch (Exception ex) { throw new PCSDBException(ErrorCode.OTHER_ERROR, METHOD_NAME, ex); } finally { if (oconPCS != null) { if (oconPCS.State != ConnectionState.Closed) { oconPCS.Close(); } } } }
//************************************************************************** /// <Description> /// This method uses to get data from sys_ReportAndGroup /// </Description> /// <Inputs> /// ID /// </Inputs> /// <Outputs> /// sys_ReportAndGroupVO /// </Outputs> /// <Returns> /// sys_ReportAndGroupVO /// </Returns> /// <Authors> /// DungLA /// </Authors> /// <History> /// Monday, December 27, 2004 /// 12/Oct/2005 Thachnn: fix bug injection /// </History> /// <Notes> /// </Notes> //************************************************************************** public object GetObjectVO(int pintID) { const string METHOD_NAME = THIS + ".GetObjectVO()"; OleDbDataReader odrPCS = null; OleDbConnection oconPCS = null; OleDbCommand ocmdPCS = null; try { string strSql = String.Empty; strSql = "SELECT " + sys_ReportAndGroupTable.GROUPID_FLD + "," + sys_ReportAndGroupTable.REPORTID_FLD + "," + sys_ReportAndGroupTable.REPORTORDER_FLD + " FROM " + sys_ReportAndGroupTable.TABLE_NAME + " WHERE " + sys_ReportAndGroupTable.REPORTANDGROUPID_FLD + "=" + pintID; Utils utils = new Utils(); oconPCS = new OleDbConnection(Utils.Instance.OleDbConnectionString); ocmdPCS = new OleDbCommand(strSql, oconPCS); ocmdPCS.Connection.Open(); odrPCS = ocmdPCS.ExecuteReader(); sys_ReportAndGroupVO objObject = new sys_ReportAndGroupVO(); while (odrPCS.Read()) { objObject.ReportAndGroupID = odrPCS[sys_ReportAndGroupTable.REPORTANDGROUPID_FLD].ToString().Trim(); objObject.GroupID = odrPCS[sys_ReportAndGroupTable.GROUPID_FLD].ToString().Trim(); objObject.ReportID = odrPCS[sys_ReportAndGroupTable.REPORTID_FLD].ToString().Trim(); objObject.ReportOrder = int.Parse(odrPCS[sys_ReportAndGroupTable.REPORTORDER_FLD].ToString().Trim()); } return(objObject); } catch (OleDbException ex) { throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex); } catch (Exception ex) { throw new PCSDBException(ErrorCode.OTHER_ERROR, METHOD_NAME, ex); } finally { if (oconPCS != null) { if (oconPCS.State != ConnectionState.Closed) { oconPCS.Close(); } } } }
//************************************************************************** /// <Description> /// This method uses to update data to sys_ReportAndGroup /// </Description> /// <Inputs> /// sys_ReportAndGroupVO /// </Inputs> /// <Outputs> /// N/A /// </Outputs> /// <Returns> /// N/A /// </Returns> /// <Authors> /// DungLA /// </Authors> /// <History> /// 09-Dec-2004 /// 12/Oct/2005 Thachnn: fix bug injection /// </History> /// <Notes> /// </Notes> //************************************************************************** public void Update(object pobjObjecVO) { const string METHOD_NAME = THIS + ".Update()"; sys_ReportAndGroupVO objObject = (sys_ReportAndGroupVO)pobjObjecVO; //prepare value for parameters OleDbConnection oconPCS = null; OleDbCommand ocmdPCS = null; try { string strSql = "UPDATE " + sys_ReportAndGroupTable.TABLE_NAME + " SET " + sys_ReportAndGroupTable.GROUPID_FLD + "= ?" + "," + sys_ReportAndGroupTable.REPORTID_FLD + "= ?" + "," + sys_ReportAndGroupTable.REPORTORDER_FLD + "= ?" + " WHERE " + sys_ReportAndGroupTable.REPORTANDGROUPID_FLD + "= ?"; Utils utils = new Utils(); oconPCS = new OleDbConnection(Utils.Instance.OleDbConnectionString); ocmdPCS = new OleDbCommand(strSql, oconPCS); ocmdPCS.Parameters.Add(new OleDbParameter(sys_ReportAndGroupTable.GROUPID_FLD, OleDbType.VarWChar)); ocmdPCS.Parameters[sys_ReportAndGroupTable.GROUPID_FLD].Value = objObject.GroupID; ocmdPCS.Parameters.Add(new OleDbParameter(sys_ReportAndGroupTable.REPORTID_FLD, OleDbType.VarWChar)); ocmdPCS.Parameters[sys_ReportAndGroupTable.REPORTID_FLD].Value = objObject.ReportID; ocmdPCS.Parameters.Add(new OleDbParameter(sys_ReportAndGroupTable.REPORTORDER_FLD, OleDbType.Integer)); ocmdPCS.Parameters[sys_ReportAndGroupTable.REPORTORDER_FLD].Value = objObject.ReportOrder; ocmdPCS.Parameters.Add(new OleDbParameter(sys_ReportAndGroupTable.REPORTANDGROUPID_FLD, OleDbType.Integer)); ocmdPCS.Parameters[sys_ReportAndGroupTable.REPORTANDGROUPID_FLD].Value = objObject.ReportAndGroupID; ocmdPCS.CommandText = strSql; ocmdPCS.Connection.Open(); ocmdPCS.ExecuteNonQuery(); } catch (OleDbException ex) { if (ex.Errors.Count > 1) { if (ex.Errors[1].NativeError == ErrorCode.SQLDUPLICATE_KEYCODE) { throw new PCSDBException(ErrorCode.DUPLICATE_KEY, METHOD_NAME, ex); } else { throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex); } } else { throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex); } } catch (InvalidOperationException ex) { throw new PCSDBException(ErrorCode.ERROR_DB, METHOD_NAME, ex); } catch (Exception ex) { throw new PCSDBException(ErrorCode.OTHER_ERROR, METHOD_NAME, ex); } finally { if (oconPCS != null) { if (oconPCS.State != ConnectionState.Closed) { oconPCS.Close(); } } } }