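        /// <summary>
        /// Simple query: resolves the SQL for the report named in the "report"
        /// form field, lets SimpleSqlInjectMethod populate a MYSQLInit from all
        /// posted form keys, and checks whether the combined query matches any
        /// rows. On a hit the SQL text for the report is kept in
        /// Session["SqlValue"] for a later request.
        /// </summary>
        /// <returns>
        /// Content "ok" when at least one row matches, "no" when the report has
        /// no SQL or matches nothing, "error" when building/counting throws.
        /// </returns>
        public ActionResult SimpleQuery()
        {
            string report = Request.Form["report"];

            CommondController commond = new CommondController(_db);

            // NOTE(review): "report" is untrusted form input and isFillter:false
            // bypasses whatever filtering GetSqlValue normally applies. Confirm
            // GetSqlValue treats the value as a lookup key and never splices it
            // into SQL text. The original TODO flagged this as well.
            string sqlValue = commond.GetSqlValue(report, isFillter: false); /*TODO: isFillter:false SimpleQuery*/

            if (sqlValue.IsEmpty())
            {
                return Content("no");
            }

            string[]  keys = Request.Form.AllKeys;
            MYSQLInit init = new MYSQLInit();

            try
            {
                // Every posted key, not only known columns, is handed to the
                // clause builder; presumably it emits placeholders, since the
                // count below is run with init.GetCurrentPara() — verify.
                SimpleSqlInjectMethod(init, sqlValue, keys);

                int rowEf = commond.GetCount(sqlValue + init.GetCurrentSQL(), init.GetCurrentPara());
                if (0 == rowEf)
                {
                    return Content("no");
                }
            }
            catch (Exception ex)
            {
                // Full exception goes to the server log; the client only sees "error".
                BugLog.Write(ex.ToString());
                return Content("error");
            }

            // Only the query text reaches the next request via Session; the
            // parameter set used for the count above is not carried along, so
            // GetSimpleSql must produce something safe to execute on its own.
            Session["SqlValue"] = GetSimpleSql(report);
            return Content("ok");
        }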
        /// <summary>
        /// Renders the verification photos (ID card front/back, licence, three
        /// store photos) plus name, phone and authenticId for one
        /// etao_authentic row.
        /// </summary>
        /// <param name="Id">authenticId of the row; null/empty renders the bare view.</param>
        public ActionResult ETaoPhoto(string Id)
        {
            if (string.IsNullOrEmpty(Id))
            {
                return View();
            }

            var query = new MYSQLInit();
            query.Append("select  idCardImg1 as 'F_idCard',idCardImg2 as 'B_idCard' ,license as 'License' , storeImg1 as 'Store_1', storeImg2  as 'Store_2' ,storeImg3 as 'Store_3' ,`name` ,phone,authenticId from etao_authentic");
            // Id is passed through Where(); presumably it travels in
            // GetCurrentPara() rather than in the SQL text — verify.
            query.Where("authenticId =", Id);

            var commond = new CommondController(_db);
            DataTable rows = commond.GetDataTableWithParam(query.GetCurrentSQL(), query.GetCurrentPara());

            // NOTE(review): anyone who knows an authenticId can fetch these
            // identity-document images; no authorisation check is visible in
            // this method — confirm the controller/action is protected elsewhere.
            ETaoPhoto first = rows.ConvertTo<ETaoPhoto>().FirstOrDefault();
            return View(first);
        }
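        /// <summary>
        /// Advanced (multi-field) query. Reads the field list ("ziduan"), the
        /// matching CLR type-name list ("leixing") and one form value per field,
        /// builds a FormValue per field, and checks whether the report SQL plus
        /// the generated clause matches any rows. On a hit the combined SQL text
        /// is kept in Session["SqlValue"].
        /// </summary>
        /// <returns>
        /// Content "ok" when rows match, otherwise "no" (also for malformed
        /// input: a missing list, a "leixing" list shorter than "ziduan", or an
        /// unparsable second date).
        /// </returns>
        public ActionResult AdvancedQuery()
        {
            // Exact type names treated as numeric. The original used one
            // concatenated string and substring Contains(), which also matched
            // "" and any prefix such as "System.Int3".
            HashSet<string> numericTypes = new HashSet<string>(StringComparer.Ordinal)
            {
                "System.Int32", "System.Int64", "System.UInt64", "System.Int16",
                "System.Int", "System.Decimal", "System.Single", "System.Double",
                "System.SByte"
            };

            string report    = Request.Form["report"];
            string fieldList = Request.Form["ziduan"];
            string typeList  = Request.Form["leixing"];

            // Both lists are required and must pair up one-to-one; previously a
            // missing list threw NullReferenceException and a shorter "leixing"
            // threw IndexOutOfRangeException (both surfaced as a 500).
            if (fieldList == null || typeList == null)
            {
                return Content("no");
            }
            string[] ziduan  = fieldList.Split(new char[] { ',' });
            string[] leixing = typeList.Split(new char[] { ',' });
            if (leixing.Length < ziduan.Length)
            {
                return Content("no");
            }

            Dictionary<string, FormValue> dic = new Dictionary<string, FormValue>();

            for (int i = 0; i < ziduan.Length; i++)
            {
                string field = ziduan[i];
                string type  = leixing[i];
                // A field absent from the form is treated as empty instead of
                // throwing on Trim().
                string rawValue = Request.Form[field] ?? string.Empty;

                FormValue fv = new FormValue {
                    name = field, DateExit = true, value = Request.Form[field]
                };

                // Every type branch cleared DateExit on an empty value; do it once.
                if (rawValue.Trim() == string.Empty)
                {
                    fv.DateExit = false;
                }

                if (type == "System.DateTime")
                {
                    // The second date is posted under the field name doubled
                    // (field + field); one day is added to it, presumably so it
                    // acts as an exclusive upper bound — confirm against GetSqlValue.
                    string secondDate = (Request.Form[field + field] ?? string.Empty).Trim();
                    if (secondDate == string.Empty)
                    {
                        fv.SecondData = false;
                    }
                    else
                    {
                        DateTime parsed;
                        if (!DateTime.TryParse(secondDate, out parsed))
                        {
                            // Reject explicitly rather than silently dropping the
                            // bound (the original threw FormatException here).
                            return Content("no");
                        }
                        fv.SecondData = true;
                        fv.maxDataTime = parsed.AddDays(1).ToString();
                    }
                }
                else if (numericTypes.Contains(type) && rawValue.Trim() != string.Empty)
                {
                    // NOTE(review): the comparison operator comes straight from
                    // the client ("<field>selectname") and, via dic, reaches
                    // GetSqlValue below, whose output is stored in Session.
                    // Confirm GetSqlValue whitelists operators rather than
                    // concatenating this value into SQL.
                    fv.operatorstr = Request.Form[field + "selectname"];
                }

                dic.Add(type + i.ToString(), fv);
            }

            CommondController commond = new CommondController(_db);

            // NOTE(review): "report" is untrusted and isFillter:false bypasses
            // GetSqlValue's filtering — confirm it is only used as a lookup key.
            string sql = commond.GetSqlValue(report, isFillter: false); /*TODO: isFillter:false AdvancedQuery*/
            if (!sql.IsNotEmpty())
            {
                return Content("no");
            }

            MYSQLInit sqlInit = new MYSQLInit();
            SqlInjectMethod(sql, dic, sqlInit);
            var listcount = commond.GetCount(sql + sqlInit.GetCurrentSQL(), sqlInit.GetCurrentPara());
            if (0 == listcount)
            {
                return Content("no");
            }

            // The count above ran with sqlInit's parameter set; the string kept
            // in Session is built separately by GetSqlValue from dic and the
            // posted "title", so it must do its own escaping/parameterisation.
            Session["SqlValue"] = GetSqlValue(sql, dic, Request.Form["title"]);
            return Content("ok");
        }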