public ActionResult DelSysInfo(int SCodeByDel = 0)
{
/*參數透過AntiXss編碼*/
SCodeByDel = Convert.ToInt16(AntiXssEncoder.HtmlEncode(SCodeByDel.ToString(), true));
/*初始化宣告*/
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
objUtil = new App_Code.clsUtility();
using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "DELETE SYSTEM_LIST WHERE intSYS_CODE = @SysCode";
var SqlParams = new { @SysCode = SCodeByDel };
SqlConn.Execute(SqlCmd, SqlParams);
return(RedirectToAction("SysList", "TGW", new { PageIdx = 1 }));
}
}
catch (Exception ex)
{
return(RedirectToAction("Exception", "TGW", new { @MsgCont = ex.Message }));
}
}
private void OWASP_Verify(string ParamValue)
{
App_Code.clsUtility objUtil = null;
try
{
if (ParamValue != null)
{
objUtil = new App_Code.clsUtility();
/*XSS檢查*/
if (objUtil.VerifyOfXss(ParamValue) == false)
{
RedirectToAction("Exception", "TGW", new { @MsgCont = "參數含有XSS內容" });
}
/*SqlInjection檢查*/
if (objUtil.VerifyOfSqlInject(ParamValue) == false)
{
RedirectToAction("Exception", "TGW", new { @MsgCont = "參數含有SqlInjection內容" });
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
finally
{
objUtil = null;
}
}
private IEnumerable <Models.CosesTlog> getTlogSendState(string TxStartDate = "", string TxEndDate = "", string CardNo = "")
{
IEnumerable <Models.CosesTlog> QryRst = null;
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
objUtil = new App_Code.clsUtility();
using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "EXEC SP_TLOG_SENDSTATE @TxDateST,@TxDateED,500,'','',@CardNo";
var SqlParams = new { @TxDateST = TxStartDate, @TxDateED = TxEndDate, @CardNo = CardNo };
QryRst = SqlConn.Query <Models.CosesTlog>(SqlCmd, SqlParams);
return(QryRst);
}
}
catch (Exception)
{
return(QryRst);
}
finally
{
QryRst = null;
}
}
private IEnumerable <Models.ISOTextOfTX300> getTX300SendStat(string DateST = "", string DateED = "", string CardNo = "")
{
IEnumerable <Models.ISOTextOfTX300> QryRst = null;
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
objUtil = new App_Code.clsUtility();
using (var Sqlconn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "EXEC SP_TX300_SENDSTATE @StartDate,@EndDate,1,500,@CardNo";
var SqlParams = new { @StartDate = DateST, @EndDate = DateED, @CardNo = CardNo };
QryRst = Sqlconn.Query <Models.ISOTextOfTX300>(SqlCmd, SqlParams);
return(QryRst);
}
}
catch (Exception)
{
return(QryRst);
}
finally
{
QryRst = null;
}
}
public ActionResult UpdSysInfo(Models.TaskOfUpdate FormCols)
{
/*欄位Validation*/
if (ModelState.IsValid == false)
{
return(View(FormCols));
}
/*初始化宣告*/
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
/*OWASP檢查*/
OWASP_Verify(FormCols.SysName);
OWASP_Verify(FormCols.GrpName);
/*參數透過AntiXss編碼*/
FormCols.SysCode = Convert.ToInt16(AntiXssEncoder.HtmlEncode(FormCols.SysCode.ToString(), true));
FormCols.SysName = AntiXssEncoder.HtmlEncode(FormCols.SysName, true);
FormCols.GrpName = AntiXssEncoder.HtmlEncode(FormCols.GrpName, true);
objUtil = new App_Code.clsUtility();
using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "UPDATE SYSTEM_LIST SET " +
"varSYS_DESC = @SysName," +
"varOWN_GRP = @GrpName," +
"dtMODIFY_DATE = GETDATE() " +
"WHERE intSYS_CODE = @SysCode";
var SqlParams = new { @SysCode = FormCols.SysCode, @SysName = Server.HtmlDecode(FormCols.SysName), @GrpName = Server.HtmlDecode(FormCols.GrpName) };
SqlConn.Execute(SqlCmd, SqlParams);
}
TempData["ExeRst"] = "【" + Server.HtmlDecode(FormCols.SysName) + "】更新成功";
return(RedirectToAction("SysList", "TGW", new { PageIdx = 1, SystemName = FormCols.SysName }));
}
catch (Exception ex)
{
return(RedirectToAction("Exception", "TGW", new { @MsgCont = ex.Message }));
}
finally
{
objUtil = null;
}
}
public ActionResult InsSysInfo(Models.TaskOfCreate FormCols)
{
/*欄位Validation*/
if (ModelState.IsValid == false)
{
return(View(FormCols));
}
/*初始化宣告*/
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
/*OWASP檢查*/
OWASP_Verify(FormCols.SysName);
OWASP_Verify(FormCols.GrpName);
/*參數透過AntiXss編碼*/
FormCols.SysName = AntiXssEncoder.HtmlEncode(FormCols.SysName, true);
FormCols.GrpName = AntiXssEncoder.HtmlEncode(FormCols.GrpName, true);
objUtil = new App_Code.clsUtility();
using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "INSERT INTO SYSTEM_LIST (intSYS_CODE,varSYS_DESC,varOWN_GRP,dtMODIFY_DATE) " +
"VALUES " +
"((SELECT MAX(intSYS_CODE) + 1 FROM SYSTEM_LIST),@SysName,@GrpName,GETDATE())";
var SqlParams = new { @SysName = Server.HtmlDecode(FormCols.SysName), @GrpName = Server.HtmlDecode(FormCols.GrpName) };
SqlConn.Execute(SqlCmd, SqlParams);
TempData["ExeRst"] = "【" + Server.HtmlDecode(FormCols.SysName) + "】新增成功";
return(RedirectToAction("SysList", "TGW"));
}
}
catch (Exception ex)
{
return(RedirectToAction("Exception", "TGW", new { @MsgCont = ex.Message }));
}
finally
{
objUtil = null;
}
}
private IEnumerable <Models.FullSysInfo> getSysInfo(string SystemName = "", string GroupName = "")
{
IEnumerable <Models.FullSysInfo> QryRst = null;
App_Code.clsUtility objUtil = null;
string SqlCmd = "";
try
{
objUtil = new App_Code.clsUtility();
using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString)))
{
SqlCmd = "SELECT intSYS_CODE AS SysCode,varSYS_DESC AS SysName," +
"varOWN_GRP AS GrpName,dtMODIFY_DATE AS ModDate " +
"FROM SYSTEM_LIST";
QryRst = SqlConn.Query <Models.FullSysInfo>(SqlCmd);
if (SystemName != null)
{
QryRst = QryRst.Where(s => s.SysName.Contains(SystemName));
}
if (GroupName != null)
{
QryRst = QryRst.Where(s => s.GrpName.Contains(GroupName));
}
return(QryRst);
}
}
catch (Exception)
{
return(QryRst);
}
finally
{
QryRst = null;
}
}
