public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr, ref acTransaction oTrans) { string sSQL = null; string sTrimmedLog = LogMessage.Replace("'", "''").Trim(); if (!string.IsNullOrEmpty(sTrimmedLog)) if (sTrimmedLog.Length > 7999) sTrimmedLog = sTrimmedLog.Substring(0, 7998); sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" + " values (" + "'" + LogType.ToString() + "'," + "'" + Action.ToString() + "'," + "'" + sUserID + "'," + "now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," + Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," + "'" + sTrimmedLog + "'" + ")"; if (oTrans == null) { //not in a transaction sqlExecuteUpdate(sSQL, ref sErr); } else { //use the provided transaction oTrans.Command.CommandText = sSQL; //if it fails, it will set the error flag oTrans.ExecUpdate(ref sErr); } }
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr) { string sSQL = null; string sTrimmedLog = LogMessage.Replace("'", "''").Trim(); if (!string.IsNullOrEmpty(sTrimmedLog)) if (sTrimmedLog.Length > 7999) sTrimmedLog = sTrimmedLog.Substring(0, 7998); sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" + " values (" + "'" + LogType.ToString() + "'," + "'" + Action.ToString() + "'," + "'" + sUserID + "'," + "now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," + Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," + "'" + sTrimmedLog + "'" + ")"; sqlExecuteUpdate(sSQL, ref sErr); }
public void WriteObjectDeleteLog(acObjectTypes oType, string sObjectID, string sObjectName, string sLog = "") { string sErr = ""; if (!string.IsNullOrEmpty(sObjectID) && !string.IsNullOrEmpty(sObjectName)) { if (string.IsNullOrEmpty(sLog)) { sLog = "Deleted: [" + sObjectName.Replace("'", "''") + "]."; } else { sLog = "Deleted: [" + sObjectName.Replace("'", "''") + "] - [" + sLog + "]"; } dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectDelete, oType, sObjectID, sLog, ref sErr); } }
public void WriteObjectChangeLog(acObjectTypes oType, string sObjectID, string sObjectName, string sLog) { string sErr = ""; if (!string.IsNullOrEmpty(sObjectID) && !string.IsNullOrEmpty(sObjectName)) { string sMsg = ""; if (string.IsNullOrEmpty(sObjectName)) { sMsg = "[" + sLog + "]"; } else { sMsg = "Changed: [" + sObjectName.Replace("'", "''") + "] - [" + sLog + "]"; } dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectModify, oType, sObjectID, sMsg, ref sErr); } }
//also, we need to start standardizing the way we write 'security logs'. //this helps do that. public void WriteObjectChangeLog(acObjectTypes oType, string sObjectID, string sLabel, string sFrom, string sTo) { string sErr = ""; if (!string.IsNullOrEmpty(sFrom) && !string.IsNullOrEmpty(sTo)) { if (sFrom != sTo) { dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectModify, oType, sObjectID, "Changed: " + sLabel + " from [" + sFrom.Replace("'", "''") + "] to [" + sTo.Replace("'", "''") + "].", ref sErr); } } }
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr) { string sSQL = null; string sTrimmedLog = LogMessage.Replace("'", "''").Trim(); if (!string.IsNullOrEmpty(sTrimmedLog)) { if (sTrimmedLog.Length > 7999) { sTrimmedLog = sTrimmedLog.Substring(0, 7998); } } sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" + " values (" + "'" + LogType.ToString() + "'," + "'" + Action.ToString() + "'," + "'" + sUserID + "'," + "now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," + Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," + "'" + sTrimmedLog + "'" + ")"; sqlExecuteUpdate(sSQL, ref sErr); }
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr, ref acTransaction oTrans) { string sSQL = null; string sTrimmedLog = LogMessage.Replace("'", "''").Trim(); if (!string.IsNullOrEmpty(sTrimmedLog)) { if (sTrimmedLog.Length > 7999) { sTrimmedLog = sTrimmedLog.Substring(0, 7998); } } sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" + " values (" + "'" + LogType.ToString() + "'," + "'" + Action.ToString() + "'," + "'" + sUserID + "'," + "now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," + Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," + "'" + sTrimmedLog + "'" + ")"; if (oTrans == null) { //not in a transaction sqlExecuteUpdate(sSQL, ref sErr); } else { //use the provided transaction oTrans.Command.CommandText = sSQL; //if it fails, it will set the error flag oTrans.ExecUpdate(ref sErr); } }