/// <summary> /// ����ERPID��ȡ��Ӧ��ECDMSID /// </summary> /// <param name="id"></param> /// <returns></returns> public static string FindECDMSID(string id) { //Database db = DatabaseFactory.CreateDatabase(); OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT ECDMSID FROM plm.PROJECT_RELATION_TAB WHERE ERPid=:id"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "id", DbType.String, id); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// ����Ȩ�ޱ�ʶ���ж��Ƿ���ڴ�Ȩ�� /// </summary> /// <param name="flag"></param> /// <returns></returns> public static bool Exist(string flag) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT PRIVILEGE_FLAG FROM PLM.PRIVILEGE_TAB WHERE PRIVILEGE_FLAG=:flag"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "flag", DbType.String, flag); object ret = db.ExecuteScalar(cmd); return (ret == null || ret == DBNull.Value) ? false : true; }
public static string FindDesc(string id) { //Database db = DatabaseFactory.CreateDatabase(); OracleDatabase db = new OracleDatabase(DataAccess.IFSConnStr); string sql = "SELECT DESCRIPTION FROM IFSAPP.YRS_REQUISITION_REASON_TAB WHERE REASON_CODE=:id"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "id", DbType.String, id); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// �жϽ�ɫ�Ƿ���� /// </summary> /// <param name="roleName"></param> /// <returns></returns> public static bool Available(string roleName) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT STATE FROM PLM.ROLE_TAB WHERE ROLENAME=:rolename"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); object state = db.ExecuteScalar(cmd); if (state == null || state == DBNull.Value) return false; return state.ToString().ToUpper() == RoleState.NORMAL.ToString(); }
/// <summary> /// 查看是否存在修改通知单 /// </summary> /// <param name="pid"></param> /// <param name="drawingno"></param> /// <returns></returns> public static bool ExistModifyDrawing(string pid, string drawingno) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "select t.modifydrawings from plm.SP_CREATEPDFDRAWING t where t.projectid='" + pid + "' and t.drawingno='" + drawingno + "' and t.FRONTPAGE is not null AND t.FLAG = 'Y'"; DbCommand cmd = db.GetSqlStringCommand(sql); object ret = db.ExecuteScalar(cmd); if (ret == null || ret == DBNull.Value) return false; return true; }
/// <summary> /// 查看合并生成图纸表中是否存在该项 /// </summary> /// <param name="pid"></param> /// <param name="drawingno"></param> /// <returns></returns> public static bool ExistInfo(string pid,string drawingno) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "select count(*) from plm.SP_CREATEPDFDRAWING t where t.projectid='"+pid+"' and t.drawingno='"+drawingno+"' AND t.FLAG = 'Y'"; DbCommand cmd = db.GetSqlStringCommand(sql); object ret = db.ExecuteScalar(cmd); int num = Convert.ToInt32(ret); if (num==0) return false; return true; }
/// <summary> /// �ڵ��Ƿ��и�Ȩ������ /// </summary> /// <returns></returns> public static bool ExistPrivilege(int privilegeid,int nodeid) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); //OracleDatabase db = new OracleDatabase(UserSecurity.ConnectionString); string sql = "SELECT * FROM PLM.PRIVILEGE_NODE_TAB WHERE PRIVILEGE_ID=:privilegeid AND NODE_ID=:nodeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "privilegeid", DbType.Int32, privilegeid); db.AddInParameter(cmd, "nodeid", DbType.Int32, nodeid); object ret = db.ExecuteScalar(cmd); if (ret == null || ret == DBNull.Value) return false; return true; }
/// <summary> /// ���ݽ�ɫ���Ƽ�Ȩ�ޱ�ʶID�ж��Ƿ���и�Ȩ�� /// </summary> /// <param name="privlegeId"></param> /// <param name="roleName"></param> /// <returns></returns> public static bool HavingPrivilege(string roleName, int privlegeId) { if (!Available(roleName)) return false; //Self Privlege Check OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT PRIVILEGE_ID FROM PLM.ROLEINPRIVILEGE_TAB WHERE ROLENAME=:rolename AND PRIVILEGE_ID=:privilegeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); db.AddInParameter(cmd, "privilegeid", DbType.Int32, privlegeId); object ret = db.ExecuteScalar(cmd); if (ret != null && ret != DBNull.Value) return true; //Inherit Role Privilege Check //bool hasPrivilege = false; foreach (string inheritRole in FindInheritRole(roleName)) { if (HavingPrivilege(inheritRole, privlegeId)) return true; } return false; }
/// <summary> /// ���ݽ�ɫ���ơ�Ȩ�ޱ�ʶ������ĿID�ж��Ƿ���и�Ȩ�� /// </summary> /// <param name="roleName"></param> /// <param name="privlegeId"></param> /// <param name="projectId"></param> /// <returns></returns> public static bool HavingPrivilege(string roleName, int privlegeId, int projectId) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT PROJECT_ID FROM PLM.ROLEINPRIVILEGE_TAB WHERE ROLENAME=:rolename AND PRIVILEGE_ID=:privilegeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); db.AddInParameter(cmd, "privilegeid", DbType.Int32, privlegeId); object projectIDS = db.ExecuteScalar(cmd); if (projectIDS != null) { if (projectIDS.ToString().ToLower().Contains("all")) return true; string[] pidArray = projectIDS.ToString().Split(','); if (DreamStu.Common.Util.IsArrayContainStr(pidArray, projectId.ToString())) return true; } //Inherit Role Privilege Check //bool hasPrivilege = false; foreach (string inheritRole in FindInheritRole(roleName)) { if (HavingPrivilege(inheritRole, privlegeId, projectId)) return true; } return false; }
public static string FindPartTypeDesc(int typeid) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT TYPE_DESC FROM plm.MM_PART_TYPE_TAB WHERE TYPEID=:typeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "typeid", DbType.Int32, typeid); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// ��ý�ɫ״̬ /// </summary> /// <param name="roleName"></param> /// <returns></returns> public static RoleState GetState(string roleName) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT STATE FROM PLM.ROLE_TAB WHERE LOWER(ROLENAME)=:rolename"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName.ToLower()); object s = db.ExecuteScalar(cmd); if (s == null || s == DBNull.Value) return RoleState.LOCKED; if (string.IsNullOrEmpty(s.ToString())) return RoleState.LOCKED; return (RoleState)Enum.Parse(typeof(RoleState), s.ToString()); }
public static string FindSiteName(string id) { //Database db = DatabaseFactory.CreateDatabase(); OracleDatabase db = new OracleDatabase(DataAccess.IFSConnStr); string sql = "SELECT CONTRACT_REF FROM IFSAPP.site_tab WHERE CONTRACT=:id"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "id", DbType.String, id); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// ����PROJECTNAME��ȡ��Ӧ��ERP����ĿID /// </summary> /// <param name="id"></param> /// <returns></returns> public static string FindERPID(string id) { //Database db = DatabaseFactory.CreateDatabase(); OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT ERPID FROM plm.project_relation_view WHERE projectname_db=:id"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "id", DbType.String, id); return Convert.ToString(db.ExecuteScalar(cmd)); }
public static int GetPartParaCou(string partid, string creator, string projectstr) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); // Database db = DatabaseFactory.CreateDatabase("oidsConnection"); //OracleDatabase db = new OracleDatabase(UserSecurity.ConnectionString); string sql = "SELECT count(*) from MM_PART_PARAMETER_TAB where projectid='"+projectstr+"' and part_no=" + partid + " and last_flag=0 and discipline ="+creator; DbCommand cmd = db.GetSqlStringCommand(sql); return Convert.ToInt32(db.ExecuteScalar(cmd)); }
/// <summary> /// ���ݽ�ɫ��ͼֽ��Ż�ȡ�Ƿ�������ʱ�ʶ /// </summary> /// <param name="roleName"></param> /// <param name="drawingId"></param> /// <returns></returns> public static string DrawingAllowedFlag(string roleName, int drawingId) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT ALLOW_FLAG FROM PLM.ROLEINDRAWING_TAB WHERE ROLENAME=:rolename AND DRAWING_ID=:drawingid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); db.AddInParameter(cmd, "drawingid", DbType.Int32, drawingId); object allowFlag = db.ExecuteScalar(cmd); if (allowFlag == DBNull.Value || allowFlag == null) return string.Empty; return allowFlag.ToString(); }
/// <summary> /// �������ID����ĿID�ҳ�Ԥ������ /// </summary> /// <param name="partid"></param> /// <param name="projectid"></param> /// <returns></returns> public static decimal FindPartParaSum(int partid, string projectid) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); // Database db = DatabaseFactory.CreateDatabase("oidsConnection"); //OracleDatabase db = new OracleDatabase(UserSecurity.ConnectionString); string sql = "SELECT pred_sum_qty FROM plm.mm_part_parasum_view WHERE PARTID="+partid+" and ecprojectid="+projectid ; DbCommand cmd = db.GetSqlStringCommand(sql); object pdsumqty = db.ExecuteScalar(cmd); return (pdsumqty == null || pdsumqty == DBNull.Value) ? Convert.ToDecimal(0) : Convert.ToDecimal(pdsumqty); }
public static string FindPreQty(string project, string partno, string site) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); // Database db = DatabaseFactory.CreateDatabase("oidsConnection"); //OracleDatabase db = new OracleDatabase(UserSecurity.ConnectionString); string sql = "SELECT PREDICTION_QTY FROM plm.MM_PART_PARAMETER_TAB WHERE PROJECTID=:projectid and PART_NO=:partno and CONTRACT=:site"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "projectid", DbType.String, project); db.AddInParameter(cmd, "partno", DbType.String, partno); db.AddInParameter(cmd, "site", DbType.String, site); return Convert.ToString(db.ExecuteScalar(cmd)); }
public static string GetBlockNo(string drawingno,int flag) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = string.Empty; if (flag == 0) sql = "select distinct t.blockno from SP_SPOOL_TAB t where t.drawingno='" + drawingno + "' AND T.FLAG='Y'"; else sql = "select distinct t.blockno from SP_SPOOL_TAB t where t.modifydrawingno='" + drawingno + "' and t.flag='Y'"; DbCommand cmd = db.GetSqlStringCommand(sql); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// ����MEO�ӱ� /// </summary> /// <returns></returns> public int REQUIRE_Add() { // Database db = DatabaseFactory.CreateDatabase("oidsConnection"); OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); DbCommand cmd = db.GetSqlStringCommand("INSERT INTO plm.MM_PART_REQUIRE_TAB(DISCIPLINEID,ECPROJECTID,REQUIRE_NO,CONTRACT,INFORMATION,IS_INVENTORY,CREATE_DATE,CREATER,PROJECT_ID,SYSTEM_ID,PARTTYPE_ID,REMARK,ERP_PARTTYPE,ERP_DISCIPLINE,state) VALUES (:discpid,:ECprojectid,:requireno,:contract,:information,:isinventory,sysdate,:creater,:projectId,:sysId,:parttypeid,:remark,:ERPtypeid,:ERPDiscip,1)"); db.AddInParameter(cmd, "requireno", DbType.String, REQUIRE_NO); db.AddInParameter(cmd, "contract", DbType.String, CONTRACT); db.AddInParameter(cmd, "information", DbType.String, INFORMATION); db.AddInParameter(cmd, "isinventory", DbType.String, IS_INVENTORY); db.AddInParameter(cmd, "creater", DbType.String, CREATER); //db.AddInParameter(cmd, "createrole", DbType.String, "MaterialApp"); db.AddInParameter(cmd, "projectId", DbType.String, PROJECT_ID); db.AddInParameter(cmd, "sysId", DbType.String, SYSTEM_ID); db.AddInParameter(cmd, "remark", DbType.String, REMARK); db.AddInParameter(cmd, "parttypeid", DbType.String, PARTTYPE_ID); db.AddInParameter(cmd, "ECprojectid", DbType.String, ECPROJECTID); db.AddInParameter(cmd, "discpid", DbType.String, DISCIPLINEID); db.AddInParameter(cmd, "ERPtypeid", DbType.String, ERP_PARTTYPE); db.AddInParameter(cmd, "ERPDiscip", DbType.String, ERP_DISCIPLINE); int requireId = 0; int rowsAffected = db.ExecuteNonQuery(cmd); if (rowsAffected > 0) { DbCommand cmdSeq = db.GetSqlStringCommand("SELECT PLM.MM_REQUIRE_SEQ.CURRVAL FROM DUAL"); requireId = Convert.ToInt32(db.ExecuteScalar(cmdSeq)); } return requireId; }
/// <summary> /// �������뵥�ź���ĿID��������� /// </summary> /// <param name="meoid"></param> /// <param name="projectid"></param> /// <returns></returns> public static string GetMEONO(string meoid,string projectid) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT require_no FROM plm.mm_part_require_tab WHERE REQUIRE_ID=" + meoid + " and ecprojectid=" + projectid; DbCommand cmd = db.GetSqlStringCommand(sql); object pdsumqty = db.ExecuteScalar(cmd); return (pdsumqty == null || pdsumqty == DBNull.Value) ? "" : Convert.ToString(pdsumqty); }
/// <summary> /// ���ݽ�ɫ���ơ�Ȩ�ޱ�ʶ������ĿID�ж��Ƿ���и�Ȩ�� /// </summary> /// <param name="roleName"></param> /// <param name="privlegeId"></param> /// <param name="projectId"></param> /// <returns></returns> public static bool HavingPrivilege(string roleName, int privlegeId, string andSql) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT ASQL FROM PLM.ROLEINPRIVILEGE_TAB WHERE ROLENAME=:rolename AND PRIVILEGE_ID=:privilegeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); db.AddInParameter(cmd, "privilegeid", DbType.Int32, privlegeId); object asql = db.ExecuteScalar(cmd); if (asql != null) { if (asql.ToString() == "ALL") return true; string finalSql = string.Format("{0}{1}", asql, string.IsNullOrEmpty(andSql) ? string.Empty : (" AND " + andSql)); DbCommand finalCmd = db.GetSqlStringCommand(finalSql); object c = db.ExecuteScalar(finalCmd); if (Convert.ToInt32(c) > 0) return true; } //Inherit Role Privilege Check //bool hasPrivilege = false; foreach (string inheritRole in FindInheritRole(roleName)) { if (HavingPrivilege(inheritRole, privlegeId, andSql)) return true; } return false; }
/// <summary> /// 验证用户并获得用户的ID(若没此用户则返回0) /// </summary> /// <param name="userName"></param> /// <param name="password"></param> /// <returns></returns> public static int VerifyID(string userName, string password) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); //Database db = DatabaseFactory.CreateDatabase("oidsConnection"); string sql = "SELECT ID FROM PLM.USER_TAB WHERE LOWER(NAME)=:username AND PASS=:userpass"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "username", DbType.String, userName.ToLower()); db.AddInParameter(cmd, "userpass", DbType.String, Security.HashCryptString(password)); object ret = db.ExecuteScalar(cmd); if (ret == null) return 0; return Convert.ToInt32(ret); }
/// <summary> /// 验证用户 /// </summary> /// <param name="userName"></param> /// <param name="password"></param> /// <returns></returns> public static bool Verify(string userName, string password) { try { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT COUNT(*) FROM PLM.USER_TAB WHERE TRIM(LOWER(NAME))=:username AND PASS=:userpass"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "username", DbType.String, userName.ToLower()); db.AddInParameter(cmd, "userpass", DbType.String, Security.HashCryptString(password)); return Convert.ToInt32(db.ExecuteScalar(cmd)) >= 1; } catch (Exception ex) { //MessageBox.Show(ex.Message.ToString()); return false; } }
public static string FindRelativeStnPartno(string ErpPartno,string proId,int ActSeq,string site) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = " select STA_PART_NO from plm.MM_IFS_STA_PART_TAB where ERP_PART_NO=:erpPartno and PROJECTID=:proId and ACTIVITYSEQ=:actSeq and SITE=:site"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "erpPartno", DbType.String, ErpPartno); db.AddInParameter(cmd, "proId", DbType.String, proId); db.AddInParameter(cmd, "actSeq", DbType.Int32, ActSeq); db.AddInParameter(cmd, "site", DbType.String, site); return Convert.ToString( db.ExecuteScalar(cmd)); }
public static string FindName(string id) { //Database db = DatabaseFactory.CreateDatabase(); OracleDatabase db = new OracleDatabase(DataAccess.IFSConnStr); string sql = "SELECT description FROM IFSAPP.PROJECT WHERE project_id=:id"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "id", DbType.String, id); return Convert.ToString (db.ExecuteScalar(cmd)); }
/// <summary> /// �ж��Ƿ���� /// </summary> /// <returns></returns> public bool IFStandardPart() { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT 1 FROM plm.MM_IFS_STA_PART_TAB where STA_PART_NO=:staPartno and PROJECTID=:proId and ACTIVITYSEQ=:actSeq and SITE=:site"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "staPartno", DbType.String, STA_PART_NO); db.AddInParameter(cmd, "proId", DbType.String, PROJECTID); db.AddInParameter(cmd, "actSeq", DbType.Int32, ACTIVITYSEQ); db.AddInParameter(cmd, "site", DbType.String, SITE); object rname = db.ExecuteScalar(cmd); return (rname == null || rname == DBNull.Value) ? false : true; }
/// <summary> /// 根据用户名称及权限标识符判断是否具有该权限 /// </summary> /// <param name="userName"></param> /// <param name="privilegeFlag"></param> /// <returns></returns> public static bool HavingPrivilege(string userName, string privilegeFlag, string andSql) { int privlegeId = Privilege.FindIdByFlag(privilegeFlag); if (privlegeId == 0) return false; OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT ASQL FROM PLM.USERINPRIVILEGE_TAB WHERE USERNAME=:username AND PRIVILEGE_ID=:privilegeid"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "username", DbType.String, userName); db.AddInParameter(cmd, "privilegeid", DbType.Int32, privlegeId); object asql = db.ExecuteScalar(cmd); if (asql != null) { if (asql.ToString() == "ALL") return true; string finalSql = string.Format("{0}{1}", asql, string.IsNullOrEmpty(andSql) ? string.Empty : (" AND " + andSql)); DbCommand finalCmd = db.GetSqlStringCommand(finalSql); object c = db.ExecuteScalar(finalCmd); if (Convert.ToInt32(c) > 0) return true; } List<string> roleNameList = FindRoleName(userName); if (roleNameList.Count == 0) return false; bool ret = false; foreach (string roleName in roleNameList) { if (Role.HavingPrivilege(roleName, privlegeId, andSql)) { ret = true; break; } } return ret; }
/// <summary> /// ���ݽ�ɫ���ƻ�ô˽�ɫȨ�ޱ�ʶ /// </summary> /// <param name="roleName"></param> /// <returns></returns> public static string FindFlagsByRoleName(string roleName) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT PRIVILEGE_FLAGS FROM PLM.ROLE_TAB WHERE ROLENAME=:rolename"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "rolename", DbType.String, roleName); object flags = db.ExecuteScalar(cmd); return (flags == null || flags == DBNull.Value) ? string.Empty : flags.ToString(); }
/// <summary> /// ȡ��spec�ֶζ�Ӧ������ /// </summary> /// <param name="typeid"></param> /// <param name="num"></param> /// <returns></returns> public static string GetSpecName(string typeid,string num) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); // Database db = DatabaseFactory.CreateDatabase("oidsConnection"); //OracleDatabase db = new OracleDatabase(UserSecurity.ConnectionString); string sql = "SELECT spec_namespec(" + typeid+","+num+") FROM dual"; DbCommand cmd = db.GetSqlStringCommand(sql); return Convert.ToString(db.ExecuteScalar(cmd)); }
/// <summary> /// ����Ȩ�ޱ�ʶ�����Ȩ��ID�� /// </summary> /// <param name="flag"></param> /// <returns></returns> public static int FindIdByFlag(string flag) { OracleDatabase db = new OracleDatabase(DataAccess.OIDSConnStr); string sql = "SELECT PRIVILEGE_ID FROM PLM.PRIVILEGE_TAB WHERE PRIVILEGE_FLAG=:flag"; DbCommand cmd = db.GetSqlStringCommand(sql); db.AddInParameter(cmd, "flag", DbType.String, flag); object id = db.ExecuteScalar(cmd); return (id == null || id == DBNull.Value) ? 0 : Convert.ToInt32(id); }