C# (CSharp) ContractTools.escapeDBStringの例

プログラミング言語: C# (CSharp)

クラス/型: ContractTools

メソッド/関数: escapeDBString

hotexamples.comのコード掲載数: 2

C# (CSharp) ContractTools.escapeDBString - 2件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたC# (CSharp)のContractTools.escapeDBStringの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

よく使われるメソッド

表示非表示

escapeDBString(2)

addCustomer(1)

getCustomerIDByName(1)

parseJSONArray(1)

parseRequestIntID(1)

parseRequestString(1)

コード例 #1

ファイルを表示

ファイル: ContractTools.cs プロジェクト: lfguoheng/ExtJS4.0-Infrastructure-Application

    public static int addCustomer(string customer_name, int customer_type_id, string connStr)
    {
        bool   insertFailed = false;
        int    custID       = -1;
        string errorMessage = "";
        string queryString  = "INSERT INTO ContractCustomers (customer_name, customer_type) VALUES ('" +
                              ContractTools.escapeDBString(customer_name) + "'," + customer_type_id + "); SELECT CAST(scope_identity() AS int);";

        using (SqlConnection connection = new SqlConnection(connStr))
        {
            try
            {
                SqlCommand command = new SqlCommand(queryString, connection);
                connection.Open();
                int result = Convert.ToInt32(command.ExecuteScalar());
                custID = result;
                connection.Close();
            }
            catch (Exception ex)
            {
                insertFailed = true;
                errorMessage = ex.Message;
            }
        }
        if (insertFailed)
        {
            throw new Exception(errorMessage);
        }
        return(custID);
    }

コード例 #2

ファイルを表示

ファイル: Contract_Object.cs プロジェクト: lfguoheng/ExtJS4.0-Infrastructure-Application

    public int commit(string connStr, int userID)
    {
        // lets get customer_id
        if (customer_id < 0)
        {
            if (customer_name != "" && customer_type_id >= 0)
            {
                int tempCustID = ContractTools.getCustomerIDByName(customer_name, connStr);
                if (tempCustID < 0)
                {
                    customer_id = ContractTools.addCustomer(customer_name, customer_type_id, connStr);
                }
                else
                {
                    customer_id = tempCustID;
                }
            }
            else
            {
                throw new ArgumentException("Need both - customer_name and customer_type_id to create a new customer");
            }
        }
        bool insertNeeded = true;

        if (contract_id > 0)
        {
            insertNeeded = false;
        }

        if (insertNeeded)
        {
            bool   insertFailed = false;
            string errorMessage = "";
            string queryString  = "INSERT INTO Contracts (contract_title, customer_id, contract_type, status, description, terms, directory, created_by) VALUES ('" +
                                  ContractTools.escapeDBString(contract_title) + "'," + customer_id + ",'" + ContractTools.escapeDBString(contract_type) + "','" + ContractTools.escapeDBString(status) +
                                  "','" + ContractTools.escapeDBString(description) + "','" + ContractTools.escapeDBString(terms) + "','" + ContractTools.escapeDBString(directory) + "', " + userID + "); SELECT CAST(scope_identity() AS int);";
            using (SqlConnection connection = new SqlConnection(connStr))
            {
                try
                {
                    SqlCommand command = new SqlCommand(queryString, connection);
                    connection.Open();
                    int result = Convert.ToInt32(command.ExecuteScalar());
                    contract_id = result;
                    connection.Close();
                }
                catch (Exception ex)
                {
                    insertFailed = true;
                    errorMessage = ex.Message;
                }
            }
            if (insertFailed)
            {
                throw new Exception(errorMessage);
            }
        }
        else
        {
            bool   updateFailed = false;
            string errorMessage = "";
            string queryString  = "UPDATE Contracts " +
                                  "SET contract_title='" + ContractTools.escapeDBString(contract_title) + "', " +
                                  "customer_id=" + customer_id + "," +
                                  "contract_type='" + ContractTools.escapeDBString(contract_type) + "', " +
                                  "status='" + ContractTools.escapeDBString(status) + "', " +
                                  "description='" + ContractTools.escapeDBString(description) + "', " +
                                  "terms='" + ContractTools.escapeDBString(terms) + "', " +
                                  "directory='" + ContractTools.escapeDBString(directory) + "' " +
                                  "WHERE contract_id=" + contract_id + ";";
            using (SqlConnection connection = new SqlConnection(connStr))
            {
                try
                {
                    SqlCommand command = new SqlCommand(queryString, connection);
                    connection.Open();
                    command.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    updateFailed = true;
                    errorMessage = ex.Message;
                }
            }
            if (updateFailed)
            {
                throw new Exception(errorMessage);
            }
        }
        foreach (Contract_Date_Object dateObject in contract_dates)
        {
            dateObject.contract_id = contract_id;
            dateObject.commit(connStr);
        }
        return(contract_id);
    }