public object SetUserMenus(object[] objParam)
{
String strUserID = objParam[0].ToString();
String strItemType = objParam[2].ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
//delete groups which will possibly be repeated later
string strDel = "delete from USERMENUS where USERID = '" + strUserID + "' and MENUID in (select MENUID from MENUTABLE where ITEMTYPE='" + strItemType + "')";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = strDel;
cmd.ExecuteNonQuery();
//add new groups
if (objParam[1] != null && objParam[1].ToString() != "")
{
string[] MenuID = ((string)objParam[1]).Split(';');
for (int i = 0; i < MenuID.Length; i++)
if (MenuID[i].ToString() != "" && strUserID != "")
{
string strInsert = "insert into USERMENUS (USERID, MENUID) values ('"
+ strUserID + "', '" + MenuID[i].ToString() + "')";
//为了区分不同的数据库 by Rei
InfoCommand InsertCmd = new InfoCommand(ClientInfo);
InsertCmd.Connection = nwindConn;
InsertCmd.CommandText = strInsert;
InsertCmd.ExecuteNonQuery();
}
}
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object DeleteUserMenuControls(object[] objParam)
{
String strMenuID = objParam[0].ToString();
String strUserID = objParam[1].ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "DELETE FROM USERMENUCONTROL WHERE MENUID='" + strMenuID + "' AND USERID='" + strUserID + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object DelUser(object[] objParam)
{
string str = (String)objParam[0];
string[] id = str.Split(';');
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "delete from USERMENUCONTROL where USERID = '" + id[0] + "' and MENUID = '" + id[1] + "' and CONTROLNAME = '" + id[2] + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object UpdateRoleAgent(object[] objParam)
{
String roleID = (String)objParam[0];
String[] roles = objParam[1].ToString().Split(new String[] { "!" }, StringSplitOptions.RemoveEmptyEntries);
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
InfoCommand cmd = new InfoCommand(ClientInfo);
try
{
String strSql = "DELETE FROM SYS_ROLES_AGENT WHERE ROLE_ID='" + roleID + "'";
cmd.Transaction = nwindConn.BeginTransaction();
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
for (int i = 0; i < roles.Length; i++)
{
if (roles[i].EndsWith(","))
roles[i] = roles[i].Remove(roles[i].LastIndexOf(","));
strSql = "INSERT INTO SYS_ROLES_AGENT (ROLE_ID, AGENT, FLOW_DESC, START_DATE, START_TIME, END_DATE, END_TIME, PAR_AGENT, REMARK) " +
"VALUES ('" + roleID + "', " + roles[i] + ")";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
}
cmd.Transaction.Commit();
return new object[] { 0 };
}
catch (Exception ex)
{
cmd.Transaction.Rollback();
return new object[] { 0, ex.Message };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object UpdateWorkFlow(object[] objParam)
{
if (IsWorkFlowTransactionEnabled && GetWorkFlowTransaction(GetClientInfo(ClientInfoType.LoginDB).ToString()) != null)
{
IDbConnection nwindConn = AllocateWorkFlowConnection(GetClientInfo(ClientInfoType.LoginDB).ToString());
try
{
string sql = (string)objParam[0];
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = sql;
//set work flow transaction
cmd.Transaction = GetWorkFlowTransaction(GetClientInfo(ClientInfoType.LoginDB).ToString());
//
try
{
cmd.ExecuteNonQuery();
return new object[] { 0, null };
}
catch (Exception e)
{
return new object[] { 1, e.Message };
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
else
{
string dbname = GetSplitSysDBSD(GetClientInfo(ClientInfoType.LoginDB).ToString());
if (WorkFlowTransmitterPropagationToken != null)
{
using (System.Transactions.TransactionScope ts = new System.Transactions.TransactionScope(System.Transactions.TransactionInterop.GetTransactionFromTransmitterPropagationToken(WorkFlowTransmitterPropagationToken)))
{
using (IDbConnection nwindConn = DbConnectionSet.GetDbConn(dbname, DeveloperID).CreateConnection())
{
if (nwindConn.State != ConnectionState.Open)
{
nwindConn.Open();
}
string sql = (string)objParam[0];
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = sql;
try
{
var dbHelper = DbHelperFactory.CreateDbHelper();
if (dbHelper != null)
{
dbHelper.ExecuteNonQuery(cmd);
}
else
{
cmd.ExecuteNonQuery();
}
ts.Complete();
return new object[] { 0, null };
}
catch (Exception e)
{
return new object[] { 1, e.Message };
}
}
}
}
else
{
using (IDbConnection nwindConn = DbConnectionSet.GetDbConn(dbname, DeveloperID).CreateConnection())
{
if (nwindConn.State != ConnectionState.Open)
{
nwindConn.Open();
}
string sql = (string)objParam[0];
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = sql;
try
{
var dbHelper = DbHelperFactory.CreateDbHelper();
if (dbHelper != null)
{
dbHelper.ExecuteNonQuery(cmd);
}
else
{
cmd.ExecuteNonQuery();
}
return new object[] { 0, null };
}
catch (Exception e)
{
return new object[] { 1, e.Message };
}
}
}
}
}
public object UpdateADUsers(object[] objParam)
{
String[] strAdUsers = objParam[0].ToString().Split(new String[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
object[] myRet = (object[])GetADUsers(null);
ArrayList alADUsers = myRet[1] as ArrayList;
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false);
try
{
foreach (String strADUser in strAdUsers)
{
foreach (ADUser user in alADUsers)
{
if (strADUser == user.ID)
{
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "DELETE FROM USERS WHERE USERID=@USERID";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "@USERID";
idpUSERID.Value = user.ID;
cmd.Parameters.Add(idpUSERID);
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "DELETE FROM USERS WHERE USERID=?";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "?";
idpUSERID.Value = user.ID;
cmd.Parameters.Add(idpUSERID);
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "DELETE FROM USERS WHERE USERID=:USERID";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = ":USERID";
idpUSERID.Value = user.ID;
cmd.Parameters.Add(idpUSERID);
}
cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " +
"VALUES (@USERID, @USERNAME, @DESCRIPTION, 'S', @EMAIL, 'Y', @CREATEDATE)";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "@USERID";
idpUSERID.Value = user.ID;
IDbDataParameter idpUSERNAME = cmd.CreateParameter();
idpUSERNAME.ParameterName = "@USERNAME";
idpUSERNAME.Value = user.Name;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = "@DESCRIPTION";
idpDESCRIPTION.Value = user.Description;
IDbDataParameter idpEMAIL = cmd.CreateParameter();
idpEMAIL.ParameterName = "@EMAIL";
idpEMAIL.Value = user.Email;
IDbDataParameter idpCREATEDATE = cmd.CreateParameter();
idpCREATEDATE.ParameterName = "@CREATEDATE";
idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd");
cmd.Parameters.Add(idpUSERID);
cmd.Parameters.Add(idpUSERNAME);
cmd.Parameters.Add(idpDESCRIPTION);
cmd.Parameters.Add(idpEMAIL);
cmd.Parameters.Add(idpCREATEDATE);
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " +
"VALUES (?, ?, ?, 'S', ?, 'Y', ?)";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "?";
idpUSERID.Value = user.ID;
IDbDataParameter idpUSERNAME = cmd.CreateParameter();
idpUSERNAME.ParameterName = "?";
idpUSERNAME.Value = user.Name;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = "?";
idpDESCRIPTION.Value = user.Description;
IDbDataParameter idpEMAIL = cmd.CreateParameter();
idpEMAIL.ParameterName = "?";
idpEMAIL.Value = user.Email;
IDbDataParameter idpCREATEDATE = cmd.CreateParameter();
idpCREATEDATE.ParameterName = "?";
idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd");
cmd.Parameters.Add(idpUSERID);
cmd.Parameters.Add(idpUSERNAME);
cmd.Parameters.Add(idpDESCRIPTION);
cmd.Parameters.Add(idpEMAIL);
cmd.Parameters.Add(idpCREATEDATE);
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " +
"VALUES (:USERID, :USERNAME, :DESCRIPTION, 'S', :EMAIL, 'Y', :CREATEDATE)";
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = ":USERID";
idpUSERID.Value = user.ID;
IDbDataParameter idpUSERNAME = cmd.CreateParameter();
idpUSERNAME.ParameterName = ":USERNAME";
idpUSERNAME.Value = user.Name;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = ":DESCRIPTION";
idpDESCRIPTION.Value = user.Description;
IDbDataParameter idpEMAIL = cmd.CreateParameter();
idpEMAIL.ParameterName = ":EMAIL";
idpEMAIL.Value = user.Email;
IDbDataParameter idpCREATEDATE = cmd.CreateParameter();
idpCREATEDATE.ParameterName = ":CREATEDATE";
idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd");
cmd.Parameters.Add(idpUSERID);
cmd.Parameters.Add(idpUSERNAME);
cmd.Parameters.Add(idpDESCRIPTION);
cmd.Parameters.Add(idpEMAIL);
cmd.Parameters.Add(idpCREATEDATE);
}
cmd.ExecuteNonQuery();
break;
}
}
}
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false);
}
}
public object UpdateMenuTable(object[] objParam)
{
string[] itemType = ((String)objParam[0]).Split(';');
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "update MENUTABLE set ITEMTYPE = '" + itemType[1] + "' where ITEMTYPE = '" + itemType[0] + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
//这个方法效率太低
public object InsertToMenu(object[] objParam)
{
for (int i = 0; i < objParam.Length; i++)
{
string Menu = (String)objParam[i];
if (Menu == ";;" || Menu == "" || Menu == null)
continue;
string[] Insert = Menu.Split(';');
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "insert into MENUTABLECONTROL (MENUID, CONTROLNAME , DESCRIPTION, TYPE) values ('" + Insert[0] + "', '" + Insert[1] + "', '" + Insert[2] + "', '" + Insert[3] + "')";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
return new object[] { 0 };
}
public object LogError(object[] objParam)
{
#region Build the command and exec the command to log error
ClientType ct = ClientType.ctNone;
IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sQL = String.Empty;
//为了区分不同的数据库 by Rei
InfoCommand command = new InfoCommand(ClientInfo);
command.Connection = conn;
DbParameter paramUserId = null;
DbParameter paramMoudleName = null;
DbParameter paramErrMessage = null;
DbParameter paramErrStack = null;
DbParameter paramErrDescrip = null;
DbParameter paramErrDate = null;
DbParameter paramErrScreen = null;
DbParameter paramStatus = null;
if (conn is OleDbConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(?, ?, ?, ?, ?, ?, ?, ?)";
paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20);
paramMoudleName = new OleDbParameter("@ModuleName", OleDbType.VarChar, 30);
paramErrMessage = new OleDbParameter("@ErrMessage", OleDbType.VarChar, 300);
paramErrStack = new OleDbParameter("@ErrStack", OleDbType.VarChar, 5000);
paramErrDescrip = new OleDbParameter("@ErrDescrip", OleDbType.VarChar, 300);
paramErrDate = new OleDbParameter("@ErrDate", OleDbType.Date);
paramErrScreen = new OleDbParameter("@ErrScreen", OleDbType.Binary);
paramStatus = new OleDbParameter("@Status", OleDbType.VarChar, 2);
}
else if (conn is OdbcConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)";
paramUserId = new OdbcParameter("@UserId", OdbcType.VarChar, 20);
paramMoudleName = new OdbcParameter("@ModuleName", OdbcType.VarChar, 30);
paramErrMessage = new OdbcParameter("@ErrMessage", OdbcType.VarChar, 300);
paramErrStack = new OdbcParameter("@ErrStack", OdbcType.VarChar, 5000);
paramErrDescrip = new OdbcParameter("@ErrDescrip", OdbcType.VarChar, 300);
paramErrDate = new OdbcParameter("@ErrDate", OdbcType.Date);
paramErrScreen = new OdbcParameter("@ErrScreen", OdbcType.Binary);
paramStatus = new OdbcParameter("@Status", OdbcType.VarChar, 2);
}
else if (conn is OracleConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(:UserId, :ModuleName, :ErrMessage, :ErrStack, :ErrDescrip, :ErrDate, :ErrScreen, :Status)";
paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20);
paramMoudleName = new OracleParameter(":ModuleName", OracleType.VarChar, 30);
paramErrMessage = new OracleParameter(":ErrMessage", OracleType.VarChar, 300);
paramErrStack = new OracleParameter(":ErrStack", OracleType.VarChar, 5000);
paramErrDescrip = new OracleParameter(":ErrDescrip", OracleType.VarChar, 300);
paramErrDate = new OracleParameter(":ErrDate", OracleType.DateTime);
paramErrScreen = new OracleParameter(":ErrScreen", OracleType.Blob, (objParam[6] as byte[]).Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, objParam[6]);
paramStatus = new OracleParameter(":Status", OracleType.VarChar, 2);
}
else if (conn is SqlConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)";
paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20);
paramMoudleName = new SqlParameter("@ModuleName", SqlDbType.VarChar, 30);
paramErrMessage = new SqlParameter("@ErrMessage", SqlDbType.VarChar, 300);
paramErrStack = new SqlParameter("@ErrStack", SqlDbType.VarChar, 5000);
paramErrDescrip = new SqlParameter("@ErrDescrip", SqlDbType.VarChar, 300);
paramErrDate = new SqlParameter("@ErrDate", SqlDbType.DateTime);
paramErrScreen = new SqlParameter("@ErrScreen", SqlDbType.Binary);
paramStatus = new SqlParameter("@Status", SqlDbType.VarChar, 2);
}
#if MySql
else if (conn is MySqlConnection)
{
paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20);
paramMoudleName = new MySqlParameter("@ModuleName", MySqlDbType.VarChar, 30);
paramErrMessage = new MySqlParameter("@ErrMessage", MySqlDbType.VarChar, 300);
paramErrStack = new MySqlParameter("@ErrStack", MySqlDbType.VarChar, 5000);
paramErrDescrip = new MySqlParameter("@ErrDescrip", MySqlDbType.VarChar, 300);
paramErrDate = new MySqlParameter("@ErrDate", MySqlDbType.Datetime);
paramErrScreen = new MySqlParameter("@ErrScreen", MySqlDbType.Binary);
paramStatus = new MySqlParameter("@Status", MySqlDbType.VarChar, 2);
}
#endif
#if Informix
else if (conn is IBM.Data.Informix.IfxConnection)
{
sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" +
"values(?, ?, ?, ?, ?, ?, ?, ?)";
paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20);
paramMoudleName = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 30);
paramErrMessage = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300);
paramErrStack = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Text, 5000);
paramErrDescrip = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300);
paramErrDate = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.DateTime);
paramErrScreen = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob);
paramStatus = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 2);
}
#endif
command.CommandText = sQL;
paramUserId.Value = (objParam[0] == null ? "" : objParam[0]);
paramMoudleName.Value = (objParam[1] == null ? "" : objParam[1]); ;
paramErrMessage.Value = (objParam[2] == null ? "" : objParam[2]); ;
paramErrStack.Value = (objParam[3] == null ? "" : objParam[3]); ;
paramErrDescrip.Value = (objParam[4] == null ? "" : objParam[4]); ;
paramErrDate.Value = (objParam[5] == null ? DateTime.Now : objParam[5]); ;
paramErrScreen.Value = (objParam[6] == null ? "" : objParam[6]); ;
paramStatus.Value = (objParam[7] == null ? "" : objParam[7]); ;
command.Parameters.Add(paramUserId);
command.Parameters.Add(paramMoudleName);
command.Parameters.Add(paramErrMessage);
command.Parameters.Add(paramErrStack);
command.Parameters.Add(paramErrDescrip);
command.Parameters.Add(paramErrDate);
command.Parameters.Add(paramErrScreen);
command.Parameters.Add(paramStatus);
Int32 i = command.ExecuteNonQuery();
if (i != 1)
{
return new object[] { 1 };
}
else
{
return new object[] { 0 };
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true);
}
#endregion
}
public object[] AnyQuerySave(object[] param)
{
String userID = GetClientInfo(ClientInfoType.LoginUser).ToString();
String queryID = param[0].ToString();
String templateID = param[1].ToString();
String xmlText = param[2].ToString();
String tableName = param[3].ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sql = "DELETE FROM SYS_ANYQUERY WHERE USERID='" + userID + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + templateID + "'";
InfoCommand myCommand = new InfoCommand(ClientInfo);
myCommand.Connection = nwindConn;
myCommand.CommandText = sql;
myCommand.ExecuteNonQuery();
String dt = DateTime.Now.ToShortDateString() + " " + DateTime.Now.Hour + ":" + DateTime.Now.Minute + ":" + DateTime.Now.Second;
if (ct == ClientType.ctMsSql)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)";
SqlParameter paramContent = new SqlParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.SqlDbType = SqlDbType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctOracle)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', to_date('" + dt + "', 'yyyy/mm/dd hh24:mi:ss'), :CONTENT)";
OracleParameter paramContent = new OracleParameter();
paramContent.ParameterName = ":CONTENT";
paramContent.OracleType = OracleType.Blob;
byte[] byteArray = System.Text.Encoding.Default.GetBytes(xmlText);
paramContent.Value = byteArray;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctODBC)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
OdbcParameter paramContent = new OdbcParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.OdbcType = OdbcType.NText;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
else if (ct == ClientType.ctOleDB)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
OleDbParameter paramContent = new OleDbParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.OleDbType = OleDbType.Binary;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#if MySQL
else if (ct == ClientType.ctMySql)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)";
SqlParameter paramContent = new SqlParameter();
paramContent.ParameterName = "@CONTENT";
paramContent.SqlDbType = SqlDbType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#endif
#if Informix
else if (ct == ClientType.ctInformix)
{
sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)";
IBM.Data.Informix.IfxParameter paramContent = new IBM.Data.Informix.IfxParameter();
paramContent.ParameterName = "?";
paramContent.IfxType = IBM.Data.Informix.IfxType.Text;
paramContent.Value = xmlText;
myCommand.CommandText = sql;
myCommand.Parameters.Add(paramContent);
}
#endif
myCommand.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object InsertToGroup(object[] objParam)
{
string Group = (String)objParam[0];
string[] insert = Group.Split(';');
if (insert[0] == null || insert[0] == "")
return new object[] { 0 };
else
{
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "insert into GROUPMENUCONTROL (GROUPID, MENUID, CONTROLNAME, TYPE, ENABLED, VISIBLE, ALLOWADD, ALLOWUPDATE, ALLOWDELETE, ALLOWPRINT)" +
" values ( '" + insert[0] + "', '" + insert[1] + "', '" + insert[2] + "', '" + insert[3] +
"', '" + insert[4] + "', '" + insert[5] + "', '" + insert[6] + "', '" + insert[7] + "', '" + insert[8] + "', '" + insert[9] + "')";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
}
public object[] GetMessage(object[] objParams)
{
string sNow = FormatDateTime(DateTime.Now);
string sLoginUser = GetClientInfo(ClientInfoType.LoginUser).ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
//为了区分不同的数据库 by Rei
InfoCommand myCommand = new InfoCommand(ClientInfo);
myCommand.Connection = nwindConn;
string strSql = "";
strSql = string.Format("select * from SYS_MESSENGER where STATUS = 'S' and USERID = '{0}'", sLoginUser);
myCommand.CommandText = strSql;
IDataAdapter adpater = DBUtils.CreateDbDataAdapter(myCommand);
DataSet dsMessage = new DataSet();
DataTable dt = new DataTable("Message");
(adpater as DbDataAdapter).Fill(dt);
dsMessage.Tables.Add(dt);
strSql = string.Format("Update SYS_MESSENGER SET STATUS = 'R' where STATUS = 'S' and USERID = '{0}'", sLoginUser);
myCommand.CommandText = strSql;
myCommand.ExecuteNonQuery();
return new object[] { 0, dsMessage };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object GetFavorMenuID(object[] objParam)
{
String userID = objParam[0].ToString();
String itemType = objParam[1].ToString();
ArrayList menuID = objParam[2] as ArrayList;
ArrayList caption = objParam[3] as ArrayList;
String groupName = objParam[4].ToString();
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
String group = "";
if (groupName == "")
{
if (nwindConn is SqlConnection)
{
group = "GROUPNAME='" + group + "'";
}
else if (nwindConn is OracleConnection)
{
group = "GROUPNAME is null";
}
else if (nwindConn is OdbcConnection)
{
group = "GROUPNAME='" + group + "'";
}
else if (nwindConn is OleDbConnection)
{
group = "GROUPNAME='" + group + "'";
}
else if (nwindConn.GetType().Name == "MySqlConnection")
{
group = "GROUPNAME='" + group + "'";
}
else if (nwindConn.GetType().Name == "IfxConnection")
{
group = "GROUPNAME='" + group + "'";
}
}
else
{
group = "GROUPNAME='" + groupName + "'";
}
String strSql = "delete MENUFAVOR where USERID='" + userID + "' and ITEMTYPE='" + itemType + "' AND " + group;
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
for (int i = 0; i < menuID.Count; i++)
{
strSql = "insert into MENUFAVOR (MENUID, CAPTION, USERID, ITEMTYPE, GROUPNAME) values ('" + menuID[i] + "', '" + caption[i] + "', '" + userID + "', '" + itemType + "', '" + groupName + "')";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
}
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object[] AnyQueryDeleteFile(object[] param)
{
ClientType ct = ClientType.ctMsSql;
String queryID = param[0].ToString();
String fileName = param[1].ToString();
String userid = GetClientInfo(ClientInfoType.LoginUser).ToString();
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sql = "DELETE from SYS_ANYQUERY where USERID = '" + userid + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + fileName + "'";
InfoCommand myCommand = new InfoCommand(ClientInfo);
myCommand.Connection = nwindConn;
myCommand.CommandText = sql;
myCommand.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object SetUsers(object[] objParam)
{
string strMenuID = (String)objParam[0];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
ArrayList GroupID = (ArrayList)objParam[1];
//delete groups which will possibly be repeated later
string strDel = "delete from USERMENUS where MENUID = '" + strMenuID + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = strDel;
cmd.ExecuteNonQuery();
//modify by lily 2011/5/26 刪除聯動的MenuControl的table內容
string lst = "";
for (int i = 0; i < GroupID.Count; i++)
{
lst = lst + "','" + GroupID[i].ToString();
}
if (lst.Length > 3)
{
strDel = "delete from USERMENUCONTROL where MENUID='" + strMenuID + "' and USERID not in ('" + lst + "')";
}
cmd.CommandText = strDel;
cmd.ExecuteNonQuery();
//add new groups
for (int i = 0; i < GroupID.Count; i++)
{
string strInsert = "insert into USERMENUS (USERID, MENUID) values ('"
+ GroupID[i].ToString() + "', '" + strMenuID + "')";
//为了区分不同的数据库 by Rei
InfoCommand InsertCmd = new InfoCommand(ClientInfo);
InsertCmd.Connection = nwindConn;
InsertCmd.CommandText = strInsert;
InsertCmd.ExecuteNonQuery();
}
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object OPMenu(object[] objParam)
{
string strMenuID = (String)objParam[0];
string strCaption = (String)objParam[1];
string strParent = (String)objParam[2];
string strModuleType = (String)objParam[3];
string strPackage = (String)objParam[4];
string strItemParam = (String)objParam[5];
string strForm = (String)objParam[6];
string strItemType = (String)objParam[7];
string strSEQ_NO = (String)objParam[8];
string strImageUrl = (String)objParam[11];
string captionlanguage = (String)objParam[12];
Srvtools.MGControl.OpType optype = (Srvtools.MGControl.OpType)objParam[9];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "";
string strBlob = "";
if (nwindConn is SqlConnection)
strBlob = "update MENUTABLE set [IMAGE] = @icon where MENUID = '" + strMenuID + "'";
else if (nwindConn is OracleConnection)
strBlob = "update MENUTABLE set IMAGE = :icon where MENUID = '" + strMenuID + "'";
else if (nwindConn is OdbcConnection)
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
else if (nwindConn is OleDbConnection)
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strBlob = "update MENUTABLE set IMAGE = @icon where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'";
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
if (optype == Srvtools.MGControl.OpType.add)
{
if (nwindConn is SqlConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values (@MENUID, @CAPTION" + captionlanguage + ", @PARENT, @MODULETYPE, @PACKAGE, @ITEMPARAM, @FORM, @ITEMTYPE, @SEQ_NO, @IMAGEURL)";
else if (nwindConn is OracleConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values (:MENUID, :CAPTION" + captionlanguage + ", :PARENT, :MODULETYPE, :PACKAGE, :ITEMPARAM, :FORM, :ITEMTYPE, :SEQ_NO, :IMAGEURL)";
else if (nwindConn is OdbcConnection)
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn is OleDbConnection)
//strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
// "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
// "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn.GetType().Name == "MySqlConnection")
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
else if (nwindConn.GetType().Name == "IfxConnection")
strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " +
"values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage +
"', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')";
if (nwindConn is SqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID));
cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'"));
cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OdbcParameter("?", strMenuID));
cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new OdbcParameter("?", strParent));
cmd.Parameters.Add(new OdbcParameter("?", strModuleType));
cmd.Parameters.Add(new OdbcParameter("?", strPackage));
cmd.Parameters.Add(new OdbcParameter("?", strItemParam));
cmd.Parameters.Add(new OdbcParameter("?", strForm));
cmd.Parameters.Add(new OdbcParameter("?", "'0'"));
cmd.Parameters.Add(new OdbcParameter("?", strItemType));
cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO));
cmd.Parameters.Add(new OdbcParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OleDbConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID));
//cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption));
//cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent));
//cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType));
//cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage));
//cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam));
//cmd.Parameters.Add(new OleDbParameter("@FORM", strForm));
//cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'"));
//cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType));
//cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO));
//cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption));
cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent));
cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType));
cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage));
cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam));
cmd.Parameters.Add(new MySqlParameter("@FORM", strForm));
cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType));
cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO));
cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'"));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
}
else if (optype == Srvtools.MGControl.OpType.modify)
{
if (nwindConn is SqlConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = @CAPTION" + captionlanguage + ", PARENT = @PARENT, MODULETYPE = @MODULETYPE"
+ ", PACKAGE = @PACKAGE, ITEMPARAM = @ITEMPARAM, FORM = @FORM, ITEMTYPE = @ITEMTYPE, SEQ_NO = @SEQ_NO, IMAGEURL = @IMAGEURL where MENUID = '" + strMenuID + "'";
else if (nwindConn is OracleConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = :CAPTION" + captionlanguage + ", PARENT = :PARENT, MODULETYPE = :MODULETYPE"
+ ", PACKAGE = :PACKAGE, ITEMPARAM = :ITEMPARAM, FORM = :FORM, ITEMTYPE = :ITEMTYPE, SEQ_NO = :SEQ_NO, IMAGEURL = :IMAGEURL where MENUID = '" + strMenuID + "'";
else if (nwindConn is OdbcConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn is OleDbConnection)
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" +
strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" +
strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'";
if (nwindConn is SqlConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID));
cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption));
cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent));
cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType));
cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage));
cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam));
cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm));
//cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'"));
cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType));
cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO));
cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new OdbcParameter("?", strMenuID));
cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new OdbcParameter("?", strParent));
cmd.Parameters.Add(new OdbcParameter("?", strModuleType));
cmd.Parameters.Add(new OdbcParameter("?", strPackage));
cmd.Parameters.Add(new OdbcParameter("?", strItemParam));
cmd.Parameters.Add(new OdbcParameter("?", strForm));
cmd.Parameters.Add(new OdbcParameter("?", "'0'"));
cmd.Parameters.Add(new OdbcParameter("?", strItemType));
cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO));
cmd.Parameters.Add(new OdbcParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
else if (nwindConn is OleDbConnection)
{
cmd.CommandText = strSql;
//cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID));
//cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption));
//cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent));
//cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType));
//cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage));
//cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam));
//cmd.Parameters.Add(new OleDbParameter("@FORM", strForm));
//cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'"));
//cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType));
//cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO));
//cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID));
cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption));
cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent));
cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType));
cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage));
cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam));
cmd.Parameters.Add(new MySqlParameter("@FORM", strForm));
cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'"));
cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType));
cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO));
cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
cmd.CommandText = strSql;
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'"));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO));
cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl));
cmd.ExecuteNonQuery();
}
#endif
}
else
{
strSql = "delete from MENUTABLE where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from USERMENUS where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from GROUPMENUS where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from MENUTABLECONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from USERMENUCONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
strSql = "delete from GROUPMENUCONTROL where MENUID = '" + strMenuID + "'";
cmd.CommandText = strSql;
cmd.ExecuteNonQuery();
}
if (optype != Srvtools.MGControl.OpType.delete && objParam[10] != null)
{
byte[] blob = (byte[])objParam[10];
if (nwindConn is SqlConnection)
{
SqlParameter param = new SqlParameter("@icon", SqlDbType.VarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
else if (nwindConn is OracleConnection)
{
OracleParameter param = new OracleParameter(":icon", OracleType.Blob, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
else if (nwindConn is OdbcConnection)
{
OdbcParameter param = new OdbcParameter("?", OdbcType.VarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
string str = e.Message;
}
}
else if (nwindConn is OleDbConnection)
{
OleDbParameter param = new OleDbParameter("@icon", OleDbType.LongVarBinary, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
#if MySql
else if (nwindConn is MySqlConnection)
{
MySqlParameter param = new MySqlParameter("@icon", MySqlDbType.Blob, blob.Length, ParameterDirection.Input, false,
0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
}
#endif
#if Informix
else if (nwindConn is IBM.Data.Informix.IfxConnection)
{
IBM.Data.Informix.IfxParameter param = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob, blob.Length,
ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob);
cmd.CommandText = strBlob;
cmd.Parameters.Add(param);
try
{
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
string str = e.Message;
}
}
#endif
}
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object UpdateADGroups(object[] objParam)
{
String[] strAdGroups = objParam[0].ToString().Split(new String[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
object[] myRet = (object[])GetADUserForGroup(null);
ArrayList alADGroups = myRet[1] as ArrayList;
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false);
try
{
foreach (String strADGroup in strAdGroups)
{
foreach (ADGroup group in alADGroups)
{
if (strADGroup == group.ID)
{
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=@GROUPNAME";
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = "@GROUPNAME";
idpGROUPNAME.Value = group.ID;
cmd.Parameters.Add(idpGROUPNAME);
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=?";
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = "?";
idpGROUPNAME.Value = group.ID;
cmd.Parameters.Add(idpGROUPNAME);
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=:GROUPNAME";
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = ":GROUPNAME";
idpGROUPNAME.Value = group.ID;
cmd.Parameters.Add(idpGROUPNAME);
}
cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " +
"VALUES (@GROUPID, @GROUPNAME, @DESCRIPTION, 'Y')";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = "@GROUPID";
idpGROUPID.Value = "ad" + GetGroupID().ToString("000");
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = "@GROUPNAME";
idpGROUPNAME.Value = group.ID;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = "@DESCRIPTION";
idpDESCRIPTION.Value = group.Description;
cmd.Parameters.Add(idpGROUPID);
cmd.Parameters.Add(idpGROUPNAME);
cmd.Parameters.Add(idpDESCRIPTION);
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " +
"VALUES (?, ?, ?, 'Y')";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = "?";
idpGROUPID.Value = "ad" + GetGroupID().ToString("000");
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = "?";
idpGROUPNAME.Value = group.ID;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = "?";
idpDESCRIPTION.Value = group.Description;
cmd.Parameters.Add(idpGROUPID);
cmd.Parameters.Add(idpGROUPNAME);
cmd.Parameters.Add(idpDESCRIPTION);
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " +
"VALUES (:GROUPID, :GROUPNAME, :DESCRIPTION, 'Y')";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = ":GROUPID";
idpGROUPID.Value = "ad" + GetGroupID().ToString("000");
IDbDataParameter idpGROUPNAME = cmd.CreateParameter();
idpGROUPNAME.ParameterName = ":GROUPNAME";
idpGROUPNAME.Value = group.ID;
IDbDataParameter idpDESCRIPTION = cmd.CreateParameter();
idpDESCRIPTION.ParameterName = ":DESCRIPTION";
idpDESCRIPTION.Value = group.Description;
cmd.Parameters.Add(idpGROUPID);
cmd.Parameters.Add(idpGROUPNAME);
cmd.Parameters.Add(idpDESCRIPTION);
}
cmd.ExecuteNonQuery();
foreach (String user in group.Users)
{
cmd.Parameters.Clear();
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=@GROUPID AND USERID=@USERID";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = "@GROUPID";
idpGROUPID.Value = group.ID;
cmd.Parameters.Add(idpGROUPID);
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "@USERID";
idpUSERID.Value = user;
cmd.Parameters.Add(idpUSERID);
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=? AND USERID=?";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = "?";
idpGROUPID.Value = group.ID;
cmd.Parameters.Add(idpGROUPID);
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = "?";
idpUSERID.Value = user;
cmd.Parameters.Add(idpUSERID);
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=:GROUPID AND USERID=:USERID";
IDbDataParameter idpGROUPID = cmd.CreateParameter();
idpGROUPID.ParameterName = ":GROUPID";
idpGROUPID.Value = group.ID;
cmd.Parameters.Add(idpGROUPID);
IDbDataParameter idpUSERID = cmd.CreateParameter();
idpUSERID.ParameterName = ":USERID";
idpUSERID.Value = user;
cmd.Parameters.Add(idpUSERID);
}
cmd.ExecuteNonQuery();
if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql)
{
cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " +
"VALUES (@GROUPID, @USERID)";
}
else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix)
{
cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " +
"VALUES (?, ?)";
}
else if (ct == ClientType.ctOracle)
{
cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " +
"VALUES (:GROUPID, :USERID)";
}
cmd.ExecuteNonQuery();
}
break;
}
}
}
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false);
}
}
//ILogin不用
public object[] ChangePassword(object[] objParam)
{
string XMLParams = objParam[0].ToString();
string[] ss = XMLParams.Split(":".ToCharArray());
string sUserId = ss[0];
//MD5 md5 = new MD5CryptoServiceProvider();
//byte[] pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[1]));
//byte[] result = md5.ComputeHash(pwdBytes);
//string sOldPwd = BitConverter.ToString(result);
//pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[2]));
//result = md5.ComputeHash(pwdBytes);
//string sNewPwd = BitConverter.ToString(result);
if (ss[1].Length > 10 || ss[2].Length > 10)
{
return new object[] { 0, "E" };
}
char[] p = new char[] { };
bool q;
if (ss[1] != "") q = Encrypt.EncryptPassword(sUserId, ss[1], 10, ref p, false);
string sOldPwd = new string(p);
p = new char[] { };
if (ss[2] != "") q = Encrypt.EncryptPassword(sUserId, ss[2], 10, ref p, false);
string sNewPwd = new string(p);
#region Build the command and exec the command to log error
ClientType ct = ClientType.ctNone;
IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
String sQL = "";
//为了区分不同的数据库 by Rei
InfoCommand command = new InfoCommand(ClientInfo);
if (conn.GetType().ToString() == "System.Data.SqlClient.SqlConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd";
else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().ToString() == "System.Data.OracleClient.OracleConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and PWD = :OldPwd";
else sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().ToString() == "System.Data.Odbc.OdbcConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?";
else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)";
//if (ss[1] != "") sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = $OldPwd";
//else sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = ''";
}
else if (conn.GetType().ToString() == "System.Data.OleDb.OleDbConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = ? where USERID = ? and PWD = ?";
else sQL = "update USERS set PWD = ? where USERID = ? and (PWD = '' or PWD is null)";
}
else if (conn.GetType().Name == "MySqlConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd";
else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)";
}
else if (conn.GetType().Name == "IfxConnection")
{
if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?";
else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)";
}
command.CommandText = sQL;
command.Connection = conn;
DbParameter paramNewPwd = null;
DbParameter paramUserId = null;
DbParameter paramOldPwd = null;
if (conn is OleDbConnection)
{
paramNewPwd = new OleDbParameter("@NewPwd", OleDbType.VarChar, 10);
paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20);
paramOldPwd = new OleDbParameter("@OldPwd", OleDbType.VarChar, 10);
}
else if (conn is OdbcConnection)
{
paramNewPwd = new OdbcParameter("?", OdbcType.NVarChar, 10);
paramUserId = new OdbcParameter("?", OdbcType.VarChar, 20);
paramOldPwd = new OdbcParameter("?", OdbcType.NVarChar, 10);
}
else if (conn is OracleConnection)
{
paramNewPwd = new OracleParameter(":NewPwd", OracleType.NVarChar, 10);
paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20);
paramOldPwd = new OracleParameter(":OldPwd", OracleType.NVarChar, 10);
}
else if (conn is SqlConnection)
{
paramNewPwd = new SqlParameter("@NewPwd", SqlDbType.VarChar, 10);
paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20);
paramOldPwd = new SqlParameter("@OldPwd", SqlDbType.VarChar, 10);
}
#if MySql
else if (conn is MySqlConnection)
{
paramNewPwd = new MySqlParameter("@NewPwd", MySqlDbType.VarChar, 10);
paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20);
paramOldPwd = new MySqlParameter("@OldPwd", MySqlDbType.VarChar, 10);
}
#endif
#if Informix
else if (conn is IBM.Data.Informix.IfxConnection)
{
paramNewPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10);
paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20);
paramOldPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10);
}
#endif
paramNewPwd.Value = sNewPwd;
paramUserId.Value = sUserId;
paramOldPwd.Value = sOldPwd;
if (!(conn is OdbcConnection))
{
command.Parameters.Add(paramNewPwd);
command.Parameters.Add(paramUserId);
if (ss[1] != "")
command.Parameters.Add(paramOldPwd);
}
Int32 i = command.ExecuteNonQuery();
if (i != 1)
{
return new object[] { 0, "E" }; //By Lily 表示没有找到该User,可能是UserID错误,或者原始密码错误。
}
else
{
//验证密码有效期 by rei
command.Parameters.Clear();
command.CommandText = "UPDATE USERS SET LASTDATE='" + DateTime.Today.Year.ToString() + DateTime.Today.Month.ToString("00") + DateTime.Today.Day.ToString("00") + "' WHERE USERID='" + sUserId + "'";
command.ExecuteNonQuery();
return new object[] { 0, "O" }; //找到该User,并更新好新密码。
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true);
}
#endregion
}
public object UpdateMenu(object[] objParam)
{
for (int i = 0; i < objParam.Length; i++)
{
string Group = (String)objParam[i];
if (Group == null)
continue;
string[] insert = Group.Split(';');
if (insert[0] == null || insert[0] == "")
return new object[] { 0 };
else
{
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "update MENUTABLECONTROL set DESCRIPTION = '" + insert[2] + "' where MENUID = '"
+ insert[0] + "' and CONTROLNAME = '" + insert[1] + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
}
return new object[] { 0 };
}
public object[] PackageRollback(object[] objParam)
{
string projectname = ((string)objParam[0]);
string filename = ((string)objParam[1]);
string dt = ((string)objParam[2]);
PackageType ptype = ((PackageType)objParam[3]);
string packagetype = "";
switch (ptype)
{
case PackageType.Client: packagetype = "C"; break;
case PackageType.Server: packagetype = "S"; break;
case PackageType.WebClient: packagetype = "W"; break;
}
ClientType ct = ClientType.ctMsSql;
//IDbConnection nwindConn = AllocateConnection(GetSystemDBName(), ref ct, false); //menuchecklog用sysDB里的
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); //取登陆后的DBAlias ——by Rei
try
{
string strsql = "";
if (nwindConn is SqlConnection)
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND [FILENAME] ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE >'" + dt + "'";
else if (nwindConn is OdbcConnection)
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S')";
else if (nwindConn is OracleConnection)
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + dt + "', 'yyyy-mm-dd hh24:mi:ss')";
else if (nwindConn is OleDbConnection)
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE >'" + dt + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > '" + dt + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename
+ "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S')";
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = strsql;
cmd.ExecuteNonQuery();
string strBlob = "";
if (nwindConn is SqlConnection)
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE [FILENAME] = '" + filename + "' AND PACKAGEDATE = '" + dt
+ "' AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
else if (nwindConn is OdbcConnection)
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S') "
+ " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
else if (nwindConn is OracleConnection)
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + dt + "', 'yyyy-mm-dd hh24:mi:ss')"
+ " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
else if (nwindConn is OleDbConnection)
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = '" + dt
+ "' AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
else if (nwindConn.GetType().Name == "MySqlConnection")
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = '" + dt + "'"
+ " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
else if (nwindConn.GetType().Name == "IfxConnection")
strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S') "
+ " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'";
cmd.CommandText = strBlob;
IDataReader idr = cmd.ExecuteReader();
idr.Read();
try
{
byte[] blob = new byte[idr.GetBytes(0, 0, null, 0, int.MaxValue)];
idr.GetBytes(0, 0, blob, 0, blob.Length);
DateTime dtfile = new DateTime();
try
{
dtfile = (DateTime)idr.GetValue(1); //找到记录
}
catch
{
dtfile = DateTime.MinValue;
}
cmd.Cancel();
idr.Close();
PackageService ps = new PackageService();
ps.Upload(filename, projectname, ptype, blob, dtfile);
return new object[] { 0, 0 };
}
catch (Exception e)
{
return new object[] { 0, 1, e.Message };
}
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object UpdateNodes(object[] objParam)
{
string strMenuID = (String)objParam[0];
string strParent = (String)objParam[1];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql;
if (strParent != null)
{
strSql = "update MENUTABLE set PARENT = '" + strParent + "' where MENUID = '" + strMenuID + "'";
}
else
{
strSql = "update MENUTABLE set PARENT = null where MENUID = '" + strMenuID + "'";
}
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object[] SavePersonalSettings(object[] objParam)
{
ClientType ct = ClientType.ctMsSql;
IDbConnection conncetion = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
string formName = (string)objParam[0];
string compName = (string)objParam[1];
string userId = (string)objParam[2];
string remark = (string)objParam[3];
string propContent = (string)objParam[4];
string sql = string.Format("SELECT COUNT(*) FROM SYS_PERSONAL WHERE FORMNAME='{0}' AND COMPNAME='{1}' AND USERID='{2}'",
formName,
compName,
userId);
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = conncetion;
cmd.CommandText = sql;
try
{
int count = (int)cmd.ExecuteScalar();
if (count > 0)
{
sql = string.Format("UPDATE SYS_PERSONAL SET REMARK='{0}',PROPCONTENT='{1}',CREATEDATE='{2}' WHERE FORMNAME='{3}' AND COMPNAME='{4}' AND USERID='{5}'",
remark,
propContent,
DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"),
formName,
compName,
userId);
}
else
{
sql = string.Format("INSERT INTO SYS_PERSONAL (FORMNAME,COMPNAME,USERID,REMARK,PROPCONTENT,CREATEDATE) VALUES ('{0}','{1}','{2}','{3}','{4}','{5}')",
formName,
compName,
userId,
remark,
propContent,
DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"));
}
cmd.CommandText = sql;
cmd.ExecuteNonQuery();
return new object[] { 0 };
}
catch (Exception e)
{
return new object[] { 1, e.Message };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conncetion, true);
}
}
public object UpdateUser(object[] objParam)
{
string User = (String)objParam[0];
string[] insert = User.Split(';');
if (insert[0] == null || insert[0] == "")
return new object[] { 0 };
else
{
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
string strSql = "update USERMENUCONTROL set ENABLED = '" + insert[4] + "', VISIBLE = '" + insert[5] + "', ALLOWADD = '" + insert[6]
+ "', ALLOWUPDATE = '" + insert[7] + "', ALLOWDELETE = '" + insert[8] + "', ALLOWPRINT = '" + insert[9] + "' where USERID = '"
+ insert[0] + "' and MENUID = '" + insert[1] + "' and CONTROLNAME = '" + insert[2] + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
cmd.ExecuteNonQuery();
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
}
public object[] SendMessage(object[] objParams)
{
bool bGroup = (bool)objParams[0];
string sUser = (string)objParams[1];
string sMsg = (string)objParams[2];
string sParams = (string)objParams[3];
string sNow = FormatDateTime(DateTime.Now);
string sLoginUser = GetClientInfo(ClientInfoType.LoginUser).ToString();
string status = "S";
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
//为了区分不同的数据库 by Rei
InfoCommand myCommand = new InfoCommand(ClientInfo);
myCommand.Connection = nwindConn;
string strSql = "";
ArrayList arrUsers = new ArrayList();
if (bGroup)
{
strSql = string.Format("select distinct USERID from USERGROUPS where GROUPID = '{0}'", sUser);
myCommand.CommandText = strSql;
IDataReader aReader = myCommand.ExecuteReader();
try
{
bool b = aReader.Read();
while (b)
{
arrUsers.Add(aReader.GetString(0));
b = aReader.Read();
}
}
finally
{
aReader.Close();
}
}
else
{
arrUsers.Add(sUser);
}
for (int i = 0; i < arrUsers.Count; i++)
{
strSql = string.Format("insert into SYS_MESSENGER (USERID, MESSAGE, PARAS, SENDTIME, SENDERID, STATUS) values('{0}', '{1}', '{2}', '{3}', '{4}', '{5}')",
(string)arrUsers[i], sMsg, sParams, sNow, sLoginUser, status);
myCommand.CommandText = strSql;
myCommand.ExecuteNonQuery();
}
return new object[] { 0 };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
public object DeleteDDColumns(object[] objParam)
{
string tabName = (String)objParam[0];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false);
try
{
string strSql = "delete from COLDEF where TABLE_NAME = '" + tabName + "'";
//IDbTransaction it = nwindConn.BeginTransaction();
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.CommandText = strSql;
cmd.Connection = nwindConn;
//cmd.Transaction = it;
cmd.ExecuteNonQuery();
//it.Commit();
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false);
}
}
//ILogin 不用
public object SetUserGroups(object[] objParam)
{
string strGroupID = (String)objParam[0];
ClientType ct = ClientType.ctMsSql;
IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true);
try
{
//delete groups which will possibly be repeated later
string strDel = "delete from USERGROUPS where GROUPID = '" + strGroupID + "'";
//为了区分不同的数据库 by Rei
InfoCommand cmd = new InfoCommand(ClientInfo);
cmd.Connection = nwindConn;
cmd.CommandText = strDel;
cmd.ExecuteNonQuery();
//add new groups
if (objParam[1] != null && objParam[1].ToString() != "")
{
string[] UserID = ((string)objParam[1]).Split(';');
for (int i = 0; i < UserID.Length; i++)
if (UserID[i].ToString() != "" && strGroupID != "")
{
string strInsert = "insert into USERGROUPS (USERID, GROUPID) values ('"
+ UserID[i].ToString() + "', '" + strGroupID + "')";
//为了区分不同的数据库 by Rei
InfoCommand InsertCmd = new InfoCommand(ClientInfo);
InsertCmd.Connection = nwindConn;
InsertCmd.CommandText = strInsert;
InsertCmd.ExecuteNonQuery();
}
}
return new object[] { 0, null };
}
finally
{
ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true);
}
}
private void SetDataToSYS_REFVAL(String tableName, String displayMember, String valueMember, String selectAlias, String selectCommand)
{
InfoCommand aInfoCommand = new InfoCommand(FClientData.DatabaseType);
aInfoCommand.Connection = InternalConnection;
aInfoCommand.CommandText = String.Format("DELETE FROM SYS_REFVAL WHERE REFVAL_NO='{0}'", "SL." + tableName);
if (InternalConnection.State != ConnectionState.Open)
InternalConnection.Open();
aInfoCommand.ExecuteNonQuery();
aInfoCommand.CommandText = String.Format("INSERT INTO SYS_REFVAL (REFVAL_NO,TABLE_NAME,DISPLAY_MEMBER,SELECT_ALIAS,SELECT_COMMAND,VALUE_MEMBER) VALUES('{0}','{1}','{2}','{3}','{4}','{5}')",
"SL." + tableName, tableName, displayMember, selectAlias, selectCommand, valueMember);
aInfoCommand.ExecuteNonQuery();
}
private void btnOK_Click(object sender, EventArgs e)
{
string DBName = this.cmbDB.Text;
string DBString = this.cmbDB.SelectedValue.ToString();
string DBType = "";
string itemType = "";
foreach (DataRow dr in table.Rows)
{
if (dr["DBName"].ToString() == DBName)
{
DBType = dr["DBType"].ToString();
break;
}
}
IDbConnection connection = AllocateConnection(DBType, DBString);
InfoCommand cmd = new InfoCommand();
string strSql = "select * from MENUITEMTYPE";
cmd.CommandText = strSql;
cmd.Connection = connection;
connection.Open();
IDataReader dreader = cmd.ExecuteReader();
bool bItemTypeExisted = false;
while (dreader.Read())
{
if (dreader["ITEMNAME"].ToString() == this.itemName)
{
bItemTypeExisted = true;
itemType = dreader["ITEMTYPE"].ToString();
}
}
dreader.Close();
if (!bItemTypeExisted)
{
//Solution原本不存在,新建一个Solution
strSql = "insert into MENUITEMTYPE (ITEMTYPE, ITEMNAME) values ('" + this.itemName + "', '" + this.itemName + "')";
cmd.CommandText = strSql;
cmd.Connection = connection;
cmd.ExecuteNonQuery();
itemType = this.itemName;
}
foreach (string menu in this.menuList)
{
strSql = "select count(*) from MENUTABLE where PACKAGE = '" + menu + "' and MODULETYPE = 'S' and ITEMTYPE = '" + itemType + "'";
cmd.CommandText = strSql;
cmd.Connection = connection;
int count = (int)cmd.ExecuteScalar();
if (count == 0)
{
strSql = "insert into MENUTABLE (MENUID, CAPTION, PACKAGE, MODULETYPE, ITEMTYPE) " +
"values ('" + menu + "id', '" + menu + "', '" + menu + "', 'S', '" + itemType + "')";
cmd.CommandText = strSql;
cmd.Connection = connection;
cmd.ExecuteNonQuery();
}
}
this.Close();
}
