public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr, ref acTransaction oTrans)
{
string sSQL = null;
string sTrimmedLog = LogMessage.Replace("'", "''").Trim();
if (!string.IsNullOrEmpty(sTrimmedLog))
if (sTrimmedLog.Length > 7999)
sTrimmedLog = sTrimmedLog.Substring(0, 7998);
sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" +
" values (" +
"'" + LogType.ToString() + "'," +
"'" + Action.ToString() + "'," +
"'" + sUserID + "'," +
"now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," +
Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," +
"'" + sTrimmedLog + "'" +
")";
if (oTrans == null)
{
//not in a transaction
sqlExecuteUpdate(sSQL, ref sErr);
}
else
{
//use the provided transaction
oTrans.Command.CommandText = sSQL;
//if it fails, it will set the error flag
oTrans.ExecUpdate(ref sErr);
}
}
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType,
string ObjectID, string LogMessage, ref string sErr)
{
string sSQL = null;
string sTrimmedLog = LogMessage.Replace("'", "''").Trim();
if (!string.IsNullOrEmpty(sTrimmedLog))
if (sTrimmedLog.Length > 7999)
sTrimmedLog = sTrimmedLog.Substring(0, 7998);
sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" +
" values (" +
"'" + LogType.ToString() + "'," +
"'" + Action.ToString() + "'," +
"'" + sUserID + "'," +
"now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," +
Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," +
"'" + sTrimmedLog + "'" +
")";
sqlExecuteUpdate(sSQL, ref sErr);
}
public void WriteObjectDeleteLog(acObjectTypes oType, string sObjectID, string sObjectName, string sLog = "")
{
string sErr = "";
if (!string.IsNullOrEmpty(sObjectID) && !string.IsNullOrEmpty(sObjectName))
{
if (string.IsNullOrEmpty(sLog))
{
sLog = "Deleted: [" + sObjectName.Replace("'", "''") + "].";
}
else
{
sLog = "Deleted: [" + sObjectName.Replace("'", "''") + "] - [" + sLog + "]";
}
dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectDelete, oType, sObjectID, sLog, ref sErr);
}
}
public void WriteObjectChangeLog(acObjectTypes oType, string sObjectID, string sObjectName, string sLog)
{
string sErr = "";
if (!string.IsNullOrEmpty(sObjectID) && !string.IsNullOrEmpty(sObjectName))
{
string sMsg = "";
if (string.IsNullOrEmpty(sObjectName))
{
sMsg = "[" + sLog + "]";
}
else
{
sMsg = "Changed: [" + sObjectName.Replace("'", "''") + "] - [" + sLog + "]";
}
dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectModify, oType, sObjectID, sMsg, ref sErr);
}
}
//also, we need to start standardizing the way we write 'security logs'.
//this helps do that.
public void WriteObjectChangeLog(acObjectTypes oType, string sObjectID, string sLabel, string sFrom, string sTo)
{
string sErr = "";
if (!string.IsNullOrEmpty(sFrom) && !string.IsNullOrEmpty(sTo))
{
if (sFrom != sTo)
{
dc.addSecurityLog(GetSessionUserID(), SecurityLogTypes.Object, SecurityLogActions.ObjectModify, oType, sObjectID, "Changed: " + sLabel + " from [" + sFrom.Replace("'", "''") + "] to [" + sTo.Replace("'", "''") + "].", ref sErr);
}
}
}
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType,
string ObjectID, string LogMessage, ref string sErr)
{
string sSQL = null;
string sTrimmedLog = LogMessage.Replace("'", "''").Trim();
if (!string.IsNullOrEmpty(sTrimmedLog))
{
if (sTrimmedLog.Length > 7999)
{
sTrimmedLog = sTrimmedLog.Substring(0, 7998);
}
}
sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" +
" values (" +
"'" + LogType.ToString() + "'," +
"'" + Action.ToString() + "'," +
"'" + sUserID + "'," +
"now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," +
Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," +
"'" + sTrimmedLog + "'" +
")";
sqlExecuteUpdate(sSQL, ref sErr);
}
public void addSecurityLog(string sUserID, SecurityLogTypes LogType, SecurityLogActions Action, acObjectTypes ObjectType, string ObjectID, string LogMessage, ref string sErr, ref acTransaction oTrans)
{
string sSQL = null;
string sTrimmedLog = LogMessage.Replace("'", "''").Trim();
if (!string.IsNullOrEmpty(sTrimmedLog))
{
if (sTrimmedLog.Length > 7999)
{
sTrimmedLog = sTrimmedLog.Substring(0, 7998);
}
}
sSQL = "insert into user_security_log (log_type, action, user_id, log_dt, object_type, object_id, log_msg)" +
" values (" +
"'" + LogType.ToString() + "'," +
"'" + Action.ToString() + "'," +
"'" + sUserID + "'," +
"now()," + Convert.ToString((ObjectType == acObjectTypes.None ? "NULL" : ((int)ObjectType).ToString())) + "," +
Convert.ToString((string.IsNullOrEmpty(ObjectID) ? "NULL" : "'" + ObjectID + "'")) + "," +
"'" + sTrimmedLog + "'" +
")";
if (oTrans == null)
{
//not in a transaction
sqlExecuteUpdate(sSQL, ref sErr);
}
else
{
//use the provided transaction
oTrans.Command.CommandText = sSQL;
//if it fails, it will set the error flag
oTrans.ExecUpdate(ref sErr);
}
}
