Ejemplo n.º 1
0
        /// <summary>
        /// 查询销量
        /// </summary>
        /// <param name="BgTime">开始时间</param>
        /// <param name="EndTime">结束时间</param>
        /// <param name="ShopID">店铺ID</param>
        public static ReturnTableClass SelectXiaoLiang(DateTime BgTime, DateTime EndTime, int ShopID)
        {
            ReturnTableClass err = new ReturnTableClass();

            if (StaticInfo.hasNoZhuRu("ShopID"))
            {
                try
                {
                    err.result = DBConnection.OrderInfo.SelectXiaoLiang(Convert.ToInt32(BgTime.ToString("yyyyMMdd00")), Convert.ToInt32(EndTime.ToString("yyyyMMdd24")), ShopID);
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectXiaoLiang", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// 查询所有单品类别
        /// </summary>
        /// <param name="ID">ID</param>
        public static ReturnClass SelectTotalCategory()
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu("aa"))
            {
                try
                {
                    err.result = DBConnection.SystemConfig.SelectTotalCategory();
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectTotalCategory", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Order_删除订单
        /// </summary>
        /// <param name="OrderID">订单ID</param>
        public static ReturnClass DeleteOrder(string OrderID)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(OrderID))
            {
                try
                {
                    err.result = DBConnection.OrderData.DeleteOrderData(OrderID);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("DeleteOrder", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 4
0
        /// <summary>
        /// Order_查询单条订单详情
        /// </summary>
        /// <param name="OrderID">订单ID</param>
        public static ReturnClass SelectOrderInfo(string OrderID)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(OrderID))
            {
                try
                {
                    err.result = DBConnection.OrderInfo.SelectOrder(OrderID);
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectOrderInfo", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 5
0
        /// <summary>
        /// 添加系统设置
        /// </summary>
        /// <param name="Value">账号</param>
        /// <param name="Name">姓名</param>
        /// <param name="ConfigID">系统设置ID</param>
        /// <param name="ConfigName">系统设置名称</param>
        public static ReturnClass AddSystemConfig(string Value, string Name, int ConfigID, string ConfigName)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(Value) && StaticInfo.hasNoZhuRu(ConfigName))
            {
                try
                {
                    err.result = DBConnection.SystemConfig.InsertSystemConfig(Value, Name, ConfigID, ConfigName);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("AddSystemConfig", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 6
0
        /// <summary>
        /// 修改餐品信息
        /// </summary>
        /// <param name="ID">餐品ID</param>
        /// <param name="FoodName">菜名</param>
        /// <param name="Category">种类</param>
        /// <param name="pic">图片地址</param>
        /// <param name="ShopID">商店ID</param>
        /// <param name="MenuID">菜单ID</param>
        /// <param name="Des">描述</param>
        /// <param name="Price">单价</param>
        /// <param name="AdminID">添加人ID</param>
        /// <param name="IsShow">是否显示</param>
        public static ReturnClass UpDateFood(int ID, string FoodName, int Category, string pic, int ShopID, int MenuID, string Des, string Price, string AdminID, int IsShow)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(FoodName) && StaticInfo.hasNoZhuRu(pic) && StaticInfo.hasNoZhuRu(Des) && StaticInfo.hasNoZhuRu(Price) && StaticInfo.hasNoZhuRu(AdminID))
            {
                try
                {
                    err.result = DBConnection.FoodInfo.UpdateFoodInfo(ID, FoodName, Category, pic, ShopID, MenuID, Des, Price, AdminID, IsShow);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("UpdateFood", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 7
0
        /// <summary>
        /// 修改管理员密码
        /// </summary>
        /// <param name="Phone">电话号码</param>
        /// <param name="OldPsd">旧密码</param>
        /// <param name="NewPsd">新密码</param>
        public static ReturnClass RestPwd(string Phone, string OldPwd, string NewPwd)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(Phone) && StaticInfo.hasNoZhuRu(OldPwd) && StaticInfo.hasNoZhuRu(NewPwd))
            {
                try
                {
                    err.result = DBConnection.YuanGongInfo.RestPwd(Phone, OldPwd, NewPwd);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("RestYuanGongPwd", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 8
0
        /// <summary>
        /// 修改员工信息
        /// </summary>
        /// <param name="YuanGongID">员工ID</param>
        /// <param name="Password">密码</param>
        /// <param name="Name">姓名</param>
        /// <param name="YuanGongType">工种</param>
        /// <param name="WorkGroup">工作组</param>
        /// <param name="Phone">电话</param>
        /// <param name="CategoryID">厨师用的类别</param>
        public static ReturnClass UpDateYuanGong(string YuanGongID, string Password, string Name, int ShopID, int YuanGongType, int WorkGroup, string Phone, int CategoryID)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(YuanGongID) && StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Password) && StaticInfo.hasNoZhuRu(Phone))
            {
                try
                {
                    err.result = DBConnection.YuanGongInfo.UpdateYuanGongInfo(YuanGongID, Password, Name, ShopID, YuanGongType, WorkGroup, Phone, CategoryID);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("UpdateYuanGong", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 9
0
        /// <summary>
        /// 添加管理员
        /// </summary>
        /// <param name="AdminID">账号</param>
        /// <param name="Name">姓名</param>
        /// <param name="AdminType">管理员类型</param>
        /// <param name="Password">密码</param>
        /// <param name="Phone">电话</param>
        public static ReturnClass AddAdmin(string AdminID, string Name, int AdminType, string Password, string Phone)
        {
            ReturnClass err = new ReturnClass();

            if (StaticInfo.hasNoZhuRu(AdminID) && StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Password) && StaticInfo.hasNoZhuRu(Phone))
            {
                try
                {
                    err.result = DBConnection.AdminInfo.InsertAdminInfo(AdminID, Name, AdminType, Password, Phone);
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("AddAdmin", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 10
0
        /// <summary>
        /// 创建MD5签名 字典按ASCII码升序排序后 拼接成url params格式进行MD5加密
        /// </summary>
        /// <param name="dic">要签名参数字典</param>
        /// <returns>md5加密后的字符串</returns>
        public static string CreateSign(Dictionary <string, string> dic)
        {
            var stringA   = "";
            var resultDic = from obj in dic orderby obj.Key select obj;

            foreach (var keyValue in resultDic)
            {
                if (string.IsNullOrEmpty(keyValue.Value.Trim()))
                {
                    continue;
                }
                stringA += keyValue.Key.Trim() + "=" + keyValue.Value.Replace("\r\n", "").Replace(" ", "").Replace("\\", "").Trim() + "&";
            }
            var stringSignTemp = stringA + "key=" + key;
            var sign           = StaticInfo.MD5Encrypt32(stringSignTemp).ToUpper();

            return(sign);
        }
Ejemplo n.º 11
0
        /// <summary>
        /// 查询送餐员绩效
        /// </summary>
        /// <param name="intOrderTime">0上月 1本月</param>
        /// <param name="ShopID">店铺ID</param>
        public static ReturnTableClass SelectSongCanRen(int intOrderTime, int ShopID)
        {
            ReturnTableClass err = new ReturnTableClass();
            int bgTime           = 0; //开始时间
            int endTime          = 0; //结束时间

            if (intOrderTime == 0)
            {
                bgTime  = Convert.ToInt32(DateTime.Now.AddMonths(-1).ToString("yyyyMM0000"));
                endTime = Convert.ToInt32(DateTime.Now.ToString("yyyyMM0000"));
            }
            else if (intOrderTime == 1)
            {
                bgTime  = Convert.ToInt32(DateTime.Now.ToString("yyyyMM0000"));
                endTime = Convert.ToInt32(DateTime.Now.AddMonths(1).ToString("yyyyMM0000"));
            }
            if (StaticInfo.hasNoZhuRu("ShopID"))
            {
                try
                {
                    err.result = DBConnection.OrderData.SelectSongCanRen(bgTime, endTime, ShopID);
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectSongCanRen", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 12
0
        //验证签名算法  参数字符串+secret+时间戳   MD5加密
        /// <summary>
        ///
        /// </summary>
        /// <param name="appId"></param>
        /// <param name="sign"></param>
        /// <param name="timeStamp"></param>
        /// <param name="pInput"></param>
        /// <returns></returns>
        // public static bool CheckSign(string key,string pInput)
        // {

        //     bool result = false;
        //     try
        //     {
        //         //在请求正文添加timespan(时间戳),nonce(随机数),sign(签名参数)
        //         //"{'appId':'1','phone':'13969800321','pwd':'123456','timespan':'201802932828','nonce':'288','sign':'noce288phone13969800321pwd123456timespan201802932828'}" sign用MD5加密

        //         //入参形式应该为
        //         //{'Phone':'13969800321','Pwd':'123456',TimeStamp':'20180419029388','DesCode':'abc','Sign':'Phone13969800321Pwd123456TimeStamp20180419029388'}
        //         //sign MD5加密  DesCode为RSA公钥加密
        //         //入参先用DES解密
        //         RSACryption rsaInput = new RSACryption();
        //         DESEncrypt.Key = rsaInput.RSADecrypt(privateKey, key);//运用私钥解密传来的公钥加密过的DES秘钥
        //         string inputStr = DESEncrypt.DesDecrypt(pInput);
        //         //将入参转为JSON对象
        //         JObject jobj = JObject.Parse(inputStr);
        //         //然后遍历Json对象所有Key Value
        //         string strParam = "";
        //         List<string> listParam = new List<string>();
        //         string sign = "";
        //         foreach (var j in jobj)
        //         {
        //             if (j.Key == "sign")
        //             {
        //                 sign = j.Value.ToString();
        //                 continue;
        //             }
        //             string strKeyValue = j.Key + j.Value;
        //             listParam.Add(strKeyValue);
        //         }
        //         listParam.OrderBy(item => item);
        //         foreach(string str in listParam)
        //         {
        //             strParam += str;
        //         }
        //         //完成排序组合,然后MD5加密
        //         //然后MD5加密
        //         string md5ParamStr = MD5Encrypt32(strParam);
        //         if(sign.Trim()==md5ParamStr.Trim())
        //         {
        //             result = true;
        //         }
        //         else
        //         {
        //             result = false;
        //         }
        //     }
        //     catch(Exception ex)
        //     {
        //         result = false;
        //     }
        //     return result;
        // }


        // //PEM格式密钥转XML
        // /// <summary>
        // /// RSA私钥格式转换,java->.net
        // /// </summary>
        // /// <param name="privateKey">java生成的RSA私钥</param>
        // /// <returns></returns>
        // public static string RSAPrivateKeyJava2DotNet(this string privateKey)
        // {
        //     RsaPrivateCrtKeyParameters privateKeyParam = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(Convert.FromBase64String(privateKey));
        //     return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent><P>{2}</P><Q>{3}</Q><DP>{4}</DP><DQ>{5}</DQ><InverseQ>{6}</InverseQ><D>{7}</D></RSAKeyValue>",
        //     Convert.ToBase64String(privateKeyParam.Modulus.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.PublicExponent.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.P.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.Q.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.DP.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.DQ.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.QInv.ToByteArrayUnsigned()),
        //     Convert.ToBase64String(privateKeyParam.Exponent.ToByteArrayUnsigned()));
        // }
        // public static string RSAPublicKeyJava2DotNet(this string publicKey)
        // {
        //     RsaKeyParameters publicKeyParam = (RsaKeyParameters)PublicKeyFactory.CreateKey(Convert.FromBase64String(publicKey));
        //     return string.Format("<RSAKeyValue><Modulus>{0}</Modulus><Exponent>{1}</Exponent></RSAKeyValue>",
        //         Convert.ToBase64String(publicKeyParam.Modulus.ToByteArrayUnsigned()),
        //         Convert.ToBase64String(publicKeyParam.Exponent.ToByteArrayUnsigned()));
        // }
        // /// <summary>
        // ///
        // /// </summary>
        // /// <param name="parames"></param>
        // /// <returns></returns>
        // public static Tuple<string,string> GetQueryString(Dictionary<string,string> parames)
        // {
        //     StringBuilder query = new StringBuilder("");//签名字符串
        //     StringBuilder queryStr = new StringBuilder("");//url参数
        //     try
        //     {
        //         //将字典按Key首字母排序
        //         IDictionary<string, string> sortedParams = new SortedDictionary<string, string>(parames);
        //         IEnumerator<KeyValuePair<string, string>> dem = sortedParams.GetEnumerator();
        //         //将所有签名字符串按照KeyValue形式串起来

        //         if (parames == null || parames.Count < 1)
        //         {
        //             return new Tuple<string, string>("","");
        //         }
        //         while (dem.MoveNext())
        //         {
        //             string key = dem.Current.Key;
        //             string value = dem.Current.Value;
        //             if (string.IsNullOrEmpty(key)&&key!="sign")
        //             {
        //                 query.Append(key).Append(value);
        //                 queryStr.Append("&").Append(key).Append("=").Append(value);
        //             }
        //         }
        //     }
        //     catch (Exception)
        //     {
        //         return new Tuple<string, string>("", "");
        //     }
        //     return new Tuple<string, string>(query.ToString(), queryStr.ToString().Substring(1, queryStr.Length - 1));
        // }

        #region  Post方式提交请求
        /// <summary>
        /// Post方式提交请求
        /// </summary>
        /// <param name="Url">地址</param>
        /// <param name="postDataStr">form中的参数字符串</param>
        /// <returns></returns>
        public static string CreatePostHttpResponse(string url, string postStr, int tradeChannel)
        {
            try
            {
                StaticInfo.Log("url:" + url.ToString());
                StaticInfo.Log("postData:" + postStr.ToString());
                // 编辑并Encoding提交的数据
                byte[] data = new UTF8Encoding().GetBytes(postStr);                 //Encoding.UTF8.GetBytes(postStr);// new UTF8Encoding().GetBytes(postDataStr);//

                // 发送请求
                System.Net.HttpWebRequest request = (System.Net.HttpWebRequest)System.Net.WebRequest.Create(url);
                request.Method  = "POST";
                request.Timeout = 5000;
                if (tradeChannel == 2)
                {
                    request.ContentType = "application/json;charset=utf-8";
                }
                else
                {
                    request.ContentType = "application/xml;charset=utf-8";
                }
                request.ContentLength = data.Length;

                using (var stream = request.GetRequestStream())
                {
                    stream.Write(data, 0, data.Length);
                }

                // 获得回复
                var response       = (HttpWebResponse)request.GetResponse();
                var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
                StaticInfo.Log("responseData:" + responseString.ToString());
                return(responseString);
            }

            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                StaticInfo.Log("httppost请求发生异常:" + ex.ToString());
                return("");
            }
        }
Ejemplo n.º 13
0
        /// <summary>
        /// 修改系统设置
        /// </summary>
        /// <param name="ID">编号</param>
        /// <param name="Value">内容</param>
        public static ReturnClass UpdateSystemConfig(string ID, string Value)
        {
            ReturnClass err = new ReturnClass();

            string[] strID       = ID.Split(',');
            int      countSussed = 0;

            if (StaticInfo.hasNoZhuRu(Value))
            {
                try
                {
                    foreach (string sid in strID)
                    {
                        if (sid != "")
                        {
                            countSussed += DBConnection.SystemConfig.UpdateSystemConfig(Convert.ToInt32(sid), Value);
                        }
                    }
                    err.result = countSussed;
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("AddSystemConfig", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 14
0
        /// <summary>
        /// Order_修改状态
        /// </summary>
        /// <param name="OrderID">订单ID</param>
        /// <param name="State">状态</param>
        public static ReturnClass UpDateOrderState(string OrderID, int State)
        {
            ReturnClass err = new ReturnClass();

            string[] strOrderID = OrderID.Split(',');
            int      CountRows  = 0;

            if (StaticInfo.hasNoZhuRu(OrderID))
            {
                try
                {
                    foreach (string oid in strOrderID)
                    {
                        CountRows += DBConnection.OrderData.UpdateOrderState(oid, State);
                    }
                    err.result = CountRows;
                    if (Convert.ToInt32(err.result) > 0)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("UpdateOrderState", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 15
0
        /// <summary>
        /// Order_送餐员查看自己要送的订单
        /// </summary>
        /// <param name="intTime">哪个时间段的订餐 0:全天 1:早餐 2:午餐 3:晚餐</param>
        /// <param name="State">订单的状态 0:未结束 1:已结束</param>
        /// <param name="ShopID">店铺ID</param>
        /// <param name="OrderTime">要查询的订单送餐时间</param>
        /// where OrderTime = 2016082418 and y.YuanGongID = 2 and d.ShopID = 1 and d.State = 0
        public static ReturnClass SelectTotalOrderDataSongCan(int intTime, int State, int ShopID, DateTime OrderTime, int YuanGongID)
        {
            ReturnClass err      = new ReturnClass();
            string      sqlWhere = "where 1=1 and d.ShopID=" + Convert.ToString(ShopID) + " ";//where OrderTime = 2016082418 and y.YuanGongID = 2 and d.ShopID = 1 and d.State = 0
            int         thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));

            if (StaticInfo.hasNoZhuRu("aa"))
            {
                try
                {
                    if (intTime == 0)
                    {
                        int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));            //开始的时间 2016082500
                        int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
                        sqlWhere += " and d.OrderTime between " + Btime + " and " + Etime + " ";
                    }
                    else if (intTime == 1)                                                                                        //早餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 2)                                                                                        //午餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 3)                                                                                        //晚餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    if (State != -1)
                    {
                        sqlWhere += " and d.State=" + Convert.ToString(State) + " ";
                    }
                    if (YuanGongID != -1)
                    {
                        sqlWhere += " and d.YuanGongID=" + Convert.ToString(YuanGongID) + " ";
                    }
                    err.result = DBConnection.OrderData.SelectTotalOrderDataSongCan(sqlWhere);
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 16
0
        /// <summary>
        /// Order_厨师查看自己的订单详情
        /// </summary>
        /// /// <param name="intTime">哪个时间段的订餐 0:全天 1:早餐 2:午餐 3:晚餐</param>
        /// <param name="State">订单的状态 0:未结束 1:已结束</param>
        /// <param name="ShopID">店铺ID</param>
        /// <param name="OrderTime">查询的日期</param>
        /// <param name="Category">种类 1:肉类2:蔬菜类3:面食</param>
        public static ReturnClass SelectTotalOrderInfoChuShi(int intTime, int State, int ShopID, DateTime OrderTime, int Category)
        {
            ////看一下当前时间应该是查看什么时间段的订餐
            OrderTime = DateTime.Now;
            //int intOrderTime =Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH"));
            //if(intOrderTime<Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")))//当日早餐
            //{
            //    intTime = 1;
            //}
            //else if(intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06"))&& intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")))//当日午餐
            //{
            //    intTime = 2;
            //}
            //else if (intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")))//当日晚餐
            //{
            //    intTime = 3;
            //}
            //else if(intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18"))&& intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd24")))//明天早餐
            //{
            //    OrderTime.AddDays(1);
            //    intTime = 1;
            //}
            ReturnClass err      = new ReturnClass();
            string      sqlWhere = "where 1=1 and f.ShopID=" + Convert.ToString(ShopID) + " ";//where i.OrderTime =2016082418 and c.ID=1 and f.ShopID=1 and d.State=0
            int         thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));

            if (StaticInfo.hasNoZhuRu("aa"))
            {
                try
                {
                    if (intTime == 0)
                    {
                        int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));            //开始的时间 2016082500
                        int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
                        sqlWhere += " and i.OrderTime between " + Btime + " and " + Etime + " ";
                    }
                    else if (intTime == 1)                                                                                        //早餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
                        sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 2)                                                                                        //午餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
                        sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 3)                                                                                        //晚餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
                        sqlWhere += " and i.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    if (State != -1)
                    {
                        sqlWhere += " and d.State=" + Convert.ToString(State) + " ";
                    }
                    if (Category != -1)
                    {
                        sqlWhere += " and c.ID=" + Convert.ToString(Category) + " ";
                    }
                    err.result = DBConnection.OrderInfo.SelectTotalOrderInfoChuShi(sqlWhere);
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 17
0
        /// <summary>
        /// Order_查询当日所有订单分页
        /// </summary>
        /// <param name="intPageIndex">第几页</param>
        /// <param name="eachPageNum">每页显示几条</param>
        /// <param name="intTime">哪个时间段的订餐 0:全天 1:早餐 2:午餐 3:晚餐</param>
        /// <param name="State">订单的状态 0:未结束 1:已结束</param>
        /// <param name="ShopID">店铺ID</param>
        public static ReturnTableClass SelectOrderByPageIndex(int intPageIndex, int eachPageNum, int intTime, int State, DateTime OrderTime, int ShopID, string Name)
        {
            ReturnTableClass err      = new ReturnTableClass();
            DataTable        dtRow    = null;
            string           sqlWhere = "where 1=1 and d.ShopID=" + Convert.ToString(ShopID) + " ";
            int thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));

            if (StaticInfo.hasNoZhuRu("aa"))
            {
                try
                {
                    if (intTime == 0)
                    {
                        int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));            //开始的时间 2016082500
                        int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00")); //结束的时间 2016082600
                        sqlWhere += " and d.OrderTime between " + Btime + " and " + Etime + " ";
                    }
                    else if (intTime == 1)                                                                                        //早餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 2)                                                                                        //午餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    else if (intTime == 3)                                                                                        //晚餐
                    {
                        thisTime  = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
                        sqlWhere += " and d.OrderTime =" + Convert.ToString(thisTime) + " ";
                    }
                    if (State != -1)
                    {
                        sqlWhere += " and d.State=" + Convert.ToString(State) + " ";
                    }
                    if (Name != "-1")
                    {
                        sqlWhere += " and d.Name like '%" + Name + "%'";
                    }
                    err.result   = DBConnection.OrderData.SelectTotalOrderDataByPageIndex(intPageIndex, eachPageNum, sqlWhere, out dtRow);
                    err.RowCount = dtRow;

                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectOrderInfo", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 18
0
        /// <summary>
        /// 创建一个Token
        /// </summary>
        /// <param name="jsonStr"></param>
        /// <returns></returns>
        public static ReturnClass CreatToken(string jsonStr)
        {
            ReturnClass rc = new ReturnClass();

            try
            {
                JObject jObj = new JObject();
                jObj = JObject.Parse(jsonStr);
                if (string.IsNullOrEmpty(jObj["UserName"].ToString()) || string.IsNullOrEmpty(jObj["Password"].ToString()))
                {
                    rc.Msg  = "参数为空";
                    rc.Code = Code.ERR_Sign;
                    rc.Data = "";
                    return(rc);
                }
                string userName = jObj["UserName"].ToString();                          //用户名
                string password = StaticInfo.MD5Encrypt32(jObj["Password"].ToString()); //密码

                //去数据库查询是否有合法
                MySqlParameter[] sp = new MySqlParameter[2];
                sp[0] = new MySqlParameter("@account", userName);
                sp[1] = new MySqlParameter("@password", password);
                var sqlselect1 = string.Format("select * from ws_system_admin where account=@account and pwd=@password");
                //DataRow result=MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0].Rows[0];
                //DataTable dtneed=MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0];
                DataTable dataTable = MySqlHelper.GetDataSet(MySqlHelper.Conn, CommandType.Text, sqlselect1, sp).Tables[0];
                if (dataTable.Rows.Count < 1)
                {
                    rc.Msg  = "用户名或密码错误";
                    rc.Code = Code.ERR_Sign;
                    rc.Data = "";
                    return(rc);
                }
                DataRow result = dataTable.Rows[0]; //MySqlHelper.GetDataSet(MySqlHelper.Conn,CommandType.Text,sqlselect1,sp).Tables[0].Rows[0];  //SqlHelper.ExecuteDataRow( System.Data.CommandType.Text, "select * from [Base_Users] where UserName='******' and Password='******'");

                if (result == null)                 //说明不存在
                {
                    rc.Msg  = "用户不存在";
                    rc.Code = Code.ERR_Sign;
                    rc.Data = "";
                    return(rc);
                }

                // //只要是一登陆先清除token
                // MemoryCachingHelper._cache.Remove(result["UserID"].ToString());
                //  //先判断下缓存中是否存在  这个地方必须拿token去获取

                // if(MemoryCachingHelper.Exists(result["UserID"].ToString()))
                // {
                //     rc.Msg = "成功!";
                //     rc.Code = Code.SUCCED;
                //     rc.Data = (Token)MemoryCachingHelper.Get(result["UserID"].ToString());
                // }
                // else//不存在才会去生成Token

                //登陆时先删除
                var redisTokenFlag = result["id"].ToString() + result["account"].ToString();
                if (RedisStaticHelper.Exists(redisTokenFlag))
                {
                    //先删除
                    var jwtTokenStr = RedisStaticHelper.Get(redisTokenFlag);
                    RedisStaticHelper.Del(jwtTokenStr);
                    RedisStaticHelper.Del(redisTokenFlag);
                }
                {
                    //生成JWT

                    //生成token
                    Token tk = new Token();
                    tk.userName = result["account"].ToString();
                    tk.userID   = result["id"].ToString();
                    tk.sub      = "Client";
                    //距离上次登录的毫秒数
                    tk.Timestamp = Convert.ToString(DateTimeToStamp(DateTime.Now)); //DateTime.Now.ToString("yyyyMMddHHmmss");
                    //token生成规则 用户名 密码 时间戳 MD5加密
                    //tk.AccessToken = MD5Encrypt32(EmpID, password, tk.Timestamp);
                    //存一下token

                    DateTime UTC    = DateTime.UtcNow;
                    Claim[]  claims = new Claim[]
                    {
                        new Claim(JwtRegisteredClaimNames.Sub, tk.sub),                                    //Subject,
                        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),                 //JWT ID,JWT的唯一标识
                        new Claim(JwtRegisteredClaimNames.Iat, UTC.ToString(), ClaimValueTypes.Integer64), //Issued At,JWT颁发的时间,采用标准unix时间,用于验证过期
                    };

                    JwtSecurityToken jwt = new JwtSecurityToken(
                        issuer: "TianTao",                                                                                                            //jwt签发者,非必须
                        audience: tk.userName,                                                                                                        //jwt的接收该方,非必须
                        claims: claims,                                                                                                               //声明集合
                        expires: UTC.AddHours(12),                                                                                                    //指定token的生命周期,unix时间戳格式,非必须
                        signingCredentials: new Microsoft.IdentityModel.Tokens
                        .SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("RayPI's Secret Key")), SecurityAlgorithms.HmacSha256)); //使用私钥进行签名加密

                    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);                                                                   //生成最后的JWT字符串
                    tk.AccessToken = encodedJwt;
                    // int count = SqlHelper.ExecuteNonQuery(System.Data.CommandType.Text, "update [Emp] set Token='" + tk.AccessToken + "' where EmpID='" + EmpID + "' and Pwd='" + password + "'");
                    // if (count < 1)
                    // {
                    //     rc.Msg = "失败,重试";
                    //     rc.Code = Code.SystemError;
                    //     rc.Data = "";
                    //     return rc;
                    // }
                    rc.Msg  = "成功!";
                    rc.Code = Code.SUCCED;
                    rc.Data = tk;
                    //将token 存入缓存
                    //MemoryCachingHelper.addMemoryCache(tk.AccessToken,tk,new TimeSpan(0,10,0),new TimeSpan(0,10,0));
                    RedisStaticHelper.Set(tk.AccessToken, tk.ToJson());
                    RedisStaticHelper.Set(tk.userID + tk.userName, tk.AccessToken);
                }
                return(rc);
            }
            catch (Exception ex)
            {
                StaticInfo.Log(ex.ToString());
                rc.Msg  = "违反了中央八项纪律";
                rc.Code = Code.SystemError;
                rc.Data = "";
                return(rc);
            }
        }
Ejemplo n.º 19
0
        /// <summary>
        /// Order_厨师查看自己的订单详情
        /// </summary>
        /// <param name="ShopID">店铺ID</param>

        public static ReturnClass SelectTotalOrderDataFenCan(int ShopID)
        {
            ////看一下当前时间应该是查看什么时间段的订餐
            DateTime OrderTime    = DateTime.Now;
            int      intTime      = 0;
            int      intOrderTime = Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH"));

            if (intOrderTime <= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")))//当日早餐
            {
                intTime = 1;
            }
            else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd06")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")))//当日午餐
            {
                intTime = 2;
            }
            else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd12")) && intOrderTime < Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")))//当日晚餐
            {
                intTime = 3;
            }
            else if (intOrderTime >= Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd18")) && intOrderTime > Convert.ToInt32(DateTime.Now.ToString("yyyyMMdd24")))//明天早餐
            {
                OrderTime.AddDays(1);
                intTime = 1;
            }
            ReturnClass err      = new ReturnClass();
            int         thisTime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));

            if (StaticInfo.hasNoZhuRu("aa"))
            {
                try
                {
                    if (intTime == 0)
                    {
                        int Btime = Convert.ToInt32(OrderTime.ToString("yyyyMMdd00"));                                           //开始的时间 2016082500
                        int Etime = Convert.ToInt32(OrderTime.AddDays(1).ToString("yyyyMMdd00"));                                //结束的时间 2016082600
                    }
                    else if (intTime == 1)                                                                                       //早餐
                    {
                        thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(1).Rows[0]["Value"]); //早晨6:00
                    }
                    else if (intTime == 2)                                                                                       //午餐
                    {
                        thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(2).Rows[0]["Value"]); //中午12:00
                    }
                    else if (intTime == 3)                                                                                       //晚餐
                    {
                        thisTime = thisTime + Convert.ToInt32(DBConnection.SystemConfig.SelectSystemConfig(3).Rows[0]["Value"]); //下午18:00
                    }
                    DataTable dt1 = DBConnection.OrderInfo.SelectTotalFenCanNum(thisTime, ShopID);
                    DataTable dt2 = DBConnection.OrderInfo.SelectTotalFenCanNumBySongCanYuan(thisTime, ShopID);

                    dt1.Columns.Add("NumByYuanGong");

                    foreach (DataRow dr in dt1.Rows)
                    {
                        string s = "";
                        foreach (DataRow drr in dt2.Rows)
                        {
                            if (dr["FoodID"].ToString() == drr["FoodID"].ToString())
                            {
                                if (drr["YuanGongName"].ToString() != "")
                                {
                                    s += drr["YuanGongName"].ToString() + ":" + drr["totalNum"].ToString() + "份 ";
                                }
                                else
                                {
                                    s += "未知人" + ":" + drr["totalNum"].ToString() + "份 ";
                                }
                            }
                        }
                        dr["NumByYuanGong"] = s;
                    }

                    err.result = dt1;
                    if (err.result != null)
                    {
                        err.Code = ErrorCode.SUSCCED;
                    }
                    else
                    {
                        err.Code = ErrorCode.FAIL;
                    }
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("SelectTotalOrderInfoChuShi", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }
Ejemplo n.º 20
0
        /// <summary>
        /// Order插入数据
        /// </summary>
        /// <param name="Name">姓名</param>
        /// <param name="Phone">电话</param>
        /// <param name="Address">地址</param>
        /// <param name="ShopID">商店ID</param>
        /// <param name="List">订单详情</param>
        /// <param name="OrderTime">预定时间</param>
        /// <param name="OrderDate">预定日期</param>
        ///
        /// 插入orderData 表->插入单品到orderInfo表->计算价格->返回清单给顾客->付款
        /// list foodID num Price OrderTime  例如:1,红烧肉,2,30|3,尖椒炒鸡蛋,1,18
        /// Address格式为 楼号层数,床号  例如:108,0812床  1号楼8楼,0812床号
        public static ReturnClass AddOrder(string Name, string Phone, string Address, int ShopID, string List, string OrderTime, string OrderDate)
        {
            int    YuanGongID = 0;                                                                        //员工ID
            int    LouHao     = Convert.ToInt32(Address.Split(',')[0]);                                   //楼号
            string ChuangHao  = Address.Split(',')[1];                                                    //床号

            if (DBConnection.SystemConfig.SelectValueByConfigIDAndValue(1002, LouHao.ToString()) != null) //说明有值
            {
                //查询相应的送餐员ID
                YuanGongID = Convert.ToInt32(DBConnection.SystemConfig.SelectValueByConfigIDAndValue(1002, LouHao.ToString()));
            }
            if (DBConnection.SystemConfig.SelectConfigNameByConfigIDAndName(1002, LouHao.ToString()) != null)//说明有值
            {
                //如果有这座楼,重新组建Address用中文的形式,理论上应该为   例: 门诊楼8楼,0828床
                Address = DBConnection.SystemConfig.SelectConfigNameByConfigIDAndName(1002, LouHao.ToString()) + "," + ChuangHao;
            }
            else//没有这层
            {
            }
            //处理一下订餐的日期和时间  日期处理成yyyyMMddHH00的int型,时间处理成yyyyMMdd(06|12|18)分别代表早餐 午餐 晚餐,方便比较大小
            string[]    date         = OrderDate.Split('-');
            int         intOrderDate = Convert.ToInt32(date[0] + date[1] + date[2] + "00");  //当前订餐日期
            int         intOrderTime = intOrderDate + Convert.ToInt32(OrderTime);            //当前订餐时间 格式2016090806 2016090812 2016090818
            int         intTimeNow   = Convert.ToInt32(DateTime.Now.ToString("yyyyMMddHH")); //当前时间,为了判断订餐时间是否合法
            ReturnClass err          = new ReturnClass();

            //判断订餐是否合法
            if (intTimeNow > intOrderTime - 2)//说明超出了此次就餐时间
            {
                err.result = -2;
                err.Code   = ErrorCode.FAIL;
                err.Msg    = "订单添加失败了!原因是当前时间超过了预定时间!";
                return(err);
            }
            if (StaticInfo.hasNoZhuRu(Name) && StaticInfo.hasNoZhuRu(Phone) && StaticInfo.hasNoZhuRu(Address) && StaticInfo.hasNoZhuRu(List)) //判断是否sql注入
            {
                string OrderID = StaticInfo.CreatOrderID();                                                                                   //生成订单号
                //拆分字符串 获取详细订单
                string[] OrderInfoArray = List.Split('|');
                int      CountRow       = 0;     //成功插入的条数
                string   ListDetail     = "";    //方便打印存储一下订单详情内容
                decimal  TotalPrice     = 0.00M; //订单的总价格
                //初始化一个表格 为了订单详情生成 逻辑为如果有一点数据不合法,那么这个datatable就=null,数据库不做任何处理
                #region 初始化datatalbe
                DataTable  dtList = new DataTable("dtList");
                DataColumn dtc    = new DataColumn("FoodID", typeof(string));
                dtList.Columns.Add(dtc);
                dtc = new DataColumn("FoodName", typeof(string));
                dtList.Columns.Add(dtc);
                dtc = new DataColumn("Num", typeof(string));
                dtList.Columns.Add(dtc);
                dtc = new DataColumn("Price", typeof(string));
                dtList.Columns.Add(dtc);
                #endregion
                try
                {
                    if (OrderInfoArray != null)
                    {
                        foreach (string strOrderData in OrderInfoArray)
                        {
                            if (strOrderData == null || strOrderData == "")
                            {
                                continue;
                            }
                            else
                            {
                                string[]  OrderData = strOrderData.Split(',');                                            //订单详情通过','拆分成数组便于取值
                                int       FoodID    = Convert.ToInt32(OrderData[0]);                                      //商品ID
                                string    FoodName  = Convert.ToString(OrderData[1]);                                     //商品名称
                                int       Num       = Convert.ToInt32(OrderData[2]);                                      //商品数量
                                decimal   Price     = Convert.ToDecimal(OrderData[3]);                                    //单条商品的总价
                                DataTable dtNeed    = DBConnection.FoodInfo.SelectFoodInfo(FoodID);
                                if (dtNeed != null && Num > 0 && Price > 0.00M)                                           //说明这是合法的数据,只能为正数
                                {
                                    FoodName = Convert.ToString(dtNeed.Rows[0]["FoodName"]);                              //商品名称
                                    DataRow dr = dtList.NewRow();
                                    dr["FoodID"]   = Convert.ToString(FoodID);                                            //ID
                                    dr["FoodName"] = Convert.ToString(FoodName);                                          //名称
                                    dr["Num"]      = Convert.ToString(Num);                                               //数量
                                    dr["Price"]    = Convert.ToDecimal(Num) * Convert.ToDecimal(dtNeed.Rows[0]["Price"]); //总价
                                    dtList.Rows.Add(dr);
                                }
                                else
                                {
                                    dtList = null;
                                    break;
                                }
                            }
                        }

                        if (dtList != null)
                        {
                            foreach (DataRow drr in dtList.Rows)
                            {
                                ListDetail += "品名:" + Convert.ToString(drr["FoodName"]) + "  数量:" + Convert.ToString(drr["Num"]) + "  价格:" + Convert.ToString(drr["Price"]) + "|"; //方便打印存储一下订单详情内容
                                TotalPrice += Convert.ToDecimal(drr["Price"]);                                                                                                     //计算总价格
                                                                                                                                                                                   //CountRow += 1;// 成功插入的条数+1
                            }
                            //
                            if (DBConnection.OrderInfo.InsertOrderInfo(OrderID, dtList, intOrderTime, Convert.ToString(TotalPrice), DateTime.Now, Name, Phone
                                                                       , Address, 0, YuanGongID, 0, 0, "", 1, ListDetail) > 0)
                            {
                                //说明订单生成成功了
                                err.result = 1;
                                err.Code   = ErrorCode.SUSCCED;
                                err.Msg    = "订单生成成功!";
                            }
                            else//说明失败了
                            {
                                err.result = 0;
                                err.Code   = ErrorCode.FAIL;
                                err.Msg    = "订单添加失败了!";
                            }
                        }



                        //if(dtList!=null)
                        //{
                        //    foreach (DataRow drr in dtList.Rows)
                        //    {
                        //        if (DBConnection.OrderInfo.InsertOrderInfo(OrderID,Convert.ToInt32(drr["FoodID"]),Convert.ToInt32(drr["Num"]),Convert.ToDecimal(drr["Price"]), OrderTime) > 0) //说明插入成功了
                        //        {
                        //            ListDetail += "品名:" +Convert.ToString(drr["FoodName"]) + "  数量:" + Convert.ToString(drr["Num"]) + "  价格:" + Convert.ToString(drr["Price"]) + "|";//方便打印存储一下订单详情内容
                        //            TotalPrice +=Convert.ToDecimal(drr["Price"]);//计算总价格
                        //            CountRow += 1;// 成功插入的条数+1
                        //        }
                        //    }
                        //}
                        else
                        {
                            err.Code   = ErrorCode.FAIL;
                            err.result = 0;
                            err.Msg    = "添加订单的数量或者价格参数不合法!";
                            return(err);
                        }
                    }
                    else//说明订单中并没有商品详情
                    {
                        err.result = 0;
                        err.Code   = ErrorCode.FAIL;
                        err.Msg    = "请选择餐品加入订单,再提交订单!";
                        return(err);
                    }
                    //要查询今天当班的送餐员(待定也可能由管理员指定)


                    //if (CountRow == OrderInfoArray.Length)//这说明全部插入成功了
                    //{
                    //    //添加一条新记录到OrderInfo表
                    //    if (DBConnection.OrderData.InsertOrderData(OrderID, Convert.ToString(TotalPrice), DateTime.Now, Name, Phone, Address, 0, 0, 0, 0, "", 1, ListDetail, OrderTime) > 0)
                    //    {
                    //        //说明订单生成成功了
                    //        err.result = 1;
                    //        err.Code = ErrorCode.SUSCCED;
                    //        err.Msg = "订单生成成功!";
                    //    }
                    //    else//说明失败了
                    //    {
                    //        err.result = 0;
                    //        err.Code = ErrorCode.FAIL;
                    //        err.Msg = "订单添加失败了!";
                    //    }
                    //}
                }
                catch (Exception ex)
                {
                    DBConnection.LogHelper.insertLogError("AddOrder", ex.ToString(), DateTime.Now);
                }
            }
            else
            {
                err.result = 0;
                err.Code   = ErrorCode.ERR_ZHURU;
                err.Msg    = "sql注入!";
            }
            return(err);
        }