public string DeleteInfById(VisitorAccessInf v) { if (v.Token == DataHelper.getToken()) { //string sql = "insert into T_VisitorAccessInf(VName, VSex, VNation, VBirthDate, VAddress, VIssuingAuthority, VExpiryDate, VCertificatePhoto, VLocalePhoto, VCertificateType, VCertificateNumber, VType, VFromCourtId, VInTime, VOutTime, VInPost, VOutPost, VInDoorkeeper, VOutDoorkeeper, VVisitingReason, VIntervieweeDept, VInterviewee, VOffice, VOfficePhone, VExtensionPhone, VMobilePhone, VRemark) values(@VName, @VSex, @VNation, @VBirthDate, @VAddress, @VIssuingAuthority, @VExpiryDate, @VCertificatePhoto, @VLocalePhoto, @VCertificateType, @VCertificateNumber, @VType, @VFromCourtId, @VInTime, @VOutTime, @VInPost, @VOutPost, @VInDoorkeeper, @VOutDoorkeeper, @VVisitingReason, @VIntervieweeDept, @VInterviewee, @VOffice, @VOfficePhone, @VExtensionPhone, @VMobilePhone, @VRemark)"; string sql = "delete from T_VisitorAccessInf where VId=@VId"; SqlParameter[] pms = new SqlParameter[] { new SqlParameter("@VId", SqlDbType.Int) { Value = v.VId } }; try { int result = SQLHelper.ExecuteNonQuery(sql, System.Data.CommandType.Text, pms); return(ConvertHelper.IntToJson(result)); } catch (Exception e) { //在webapi中要想抛出异常必须这样抛出,否则之抛出一个默认500的异常 var resp = new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(e.ToString()), ReasonPhrase = "error" }; throw new HttpResponseException(resp); } } else { return(ConvertHelper.resultJson(101, "权限受限!")); } }
public string EditInf(VisitorAccessInf v) { //string sql = "insert into T_VisitorAccessInf(VName, VSex, VNation, VBirthDate, VAddress, VIssuingAuthority, VExpiryDate, VCertificatePhoto, VLocalePhoto, VCertificateType, VCertificateNumber, VType, VFromCourtId, VInTime, VOutTime, VInPost, VOutPost, VInDoorkeeper, VOutDoorkeeper, VVisitingReason, VIntervieweeDept, VInterviewee, VOffice, VOfficePhone, VExtensionPhone, VMobilePhone, VRemark) values(@VName, @VSex, @VNation, @VBirthDate, @VAddress, @VIssuingAuthority, @VExpiryDate, @VCertificatePhoto, @VLocalePhoto, @VCertificateType, @VCertificateNumber, @VType, @VFromCourtId, @VInTime, @VOutTime, @VInPost, @VOutPost, @VInDoorkeeper, @VOutDoorkeeper, @VVisitingReason, @VIntervieweeDept, @VInterviewee, @VOffice, @VOfficePhone, @VExtensionPhone, @VMobilePhone, @VRemark)"; string sql = "update T_VisitorAccessInf set VName=@VName,VSex=@VSex,VNation=@VNation,VBirthDate=@VBirthDate,VAddress=@VAddress,"; sql += "VIssuingAuthority=@VIssuingAuthority,VExpiryDate=@VExpiryDate,VCertificatePhoto=@VCertificatePhoto,VLocalePhoto=@VLocalePhoto,VCertificateType=@VCertificateType,VCertificateNumber=@VCertificateNumber,VType=@VType,VFromCourtId=@VFromCourtId,"; sql += "VInTime=@VInTime,VOutTime=@VOutTime,VInPost=@VInPost,VOutPost=@VOutPost,VInDoorkeeper=@VInDoorkeeper,VOutDoorkeeper=@VOutDoorkeeper,VVisitingReason=@VVisitingReason,VIntervieweeDept=@VIntervieweeDept,VInterviewee=@VInterviewee,"; sql += "VOffice=@VOffice,VOfficePhone=@VOfficePhone,VExtensionPhone=@VExtensionPhone,VMobilePhone=@VMobilePhone,VRemark=@VRemark"; sql += " where VId=@VId"; SqlParameter[] pms = new SqlParameter[] { new SqlParameter("@VName", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VName) }, new SqlParameter("@VSex", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VSex) }, new SqlParameter("@VNation", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VNation) }, new SqlParameter("@VBirthDate", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VBirthDate) }, new SqlParameter("@VAddress", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VAddress) }, new SqlParameter("@VIssuingAuthority", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VIssuingAuthority) }, new SqlParameter("@VExpiryDate", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VExpiryDate) }, new SqlParameter("@VCertificatePhoto", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VCertificatePhoto, true) }, new SqlParameter("@VLocalePhoto", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VLocalePhoto, true) }, new SqlParameter("@VCertificateType", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VCertificateType) }, new SqlParameter("@VCertificateNumber", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VCertificateNumber) }, new SqlParameter("@VType", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VType) }, new SqlParameter("@VFromCourtId", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VFromCourtId) }, new SqlParameter("@VInTime", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInTime) }, new SqlParameter("@VOutTime", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutTime) }, new SqlParameter("@VInPost", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInPost) }, new SqlParameter("@VOutPost", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutPost) }, new SqlParameter("@VInDoorkeeper", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInDoorkeeper) }, new SqlParameter("@VOutDoorkeeper", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutDoorkeeper) }, new SqlParameter("@VVisitingReason", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VVisitingReason) }, new SqlParameter("@VIntervieweeDept", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VIntervieweeDept) }, new SqlParameter("@VInterviewee", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInterviewee) }, new SqlParameter("@VOffice", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOffice) }, new SqlParameter("@VOfficePhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOfficePhone) }, new SqlParameter("@VExtensionPhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VExtensionPhone) }, new SqlParameter("@VMobilePhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VMobilePhone) }, new SqlParameter("@VRemark", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VRemark) }, new SqlParameter("@VId", SqlDbType.Int) { Value = v.VId } }; try { int result = SQLHelper.ExecuteNonQuery(sql, System.Data.CommandType.Text, pms); return(ConvertHelper.IntToJson(result)); } catch (Exception e) { //在webapi中要想抛出异常必须这样抛出,否则之抛出一个默认500的异常 var resp = new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(e.ToString()), ReasonPhrase = "error" }; throw new HttpResponseException(resp); } }
public string AddInf(VisitorAccessInf v) { string wramStr = ""; if (v.VName == "" || v.VName == null) { wramStr = "姓名不能为空"; return("{\"code\":0,\"msg\":\"" + wramStr + "\"}"); } if (v.VAddress == "" || v.VAddress == null) { wramStr = "身份证中的住址不能为空"; return("{\"code\":0,\"msg\":\"" + wramStr + "\"}"); } if (v.VCertificateNumber == "" || v.VCertificateNumber == null) { wramStr = "证件号不能为空"; return("{\"code\":0,\"msg\":\"" + wramStr + "\"}"); } //数据在传输过程中,密文中的“+”号会被替换合成“ ”空格号,把它还原回来 string name = v.VName.Replace(" ", "+"); string address = v.VAddress.Replace(" ", "+"); string certificateNumber = v.VCertificateNumber.Replace(" ", "+"); string p = ""; p += "VName=" + name; p += "&VSex=" + v.VSex; p += "&VNation=" + v.VNation; p += "&VBirthDate=" + v.VBirthDate; p += "&VAddress=" + address; p += "&VIssuingAuthority=" + v.VIssuingAuthority; p += "&VExpiryDate=" + v.VExpiryDate; p += "&VCertificatePhoto=" + DataHelper.IsNullReturnLine(v.VCertificatePhoto, true); p += "&VLocalePhoto=" + DataHelper.IsNullReturnLine(v.VLocalePhoto, true); p += "&VCertificateType=" + v.VCertificateType; p += "&VCertificateNumber=" + certificateNumber; p += "&VType=" + v.VType; p += "&VFromCourtId=" + v.VFromCourtId; p += "&VInTime=" + v.VInTime; p += "&VOutTime=" + v.VOutTime; p += "&VInPost=" + v.VInPost; p += "&VOutPost=" + v.VOutPost; p += "&VInDoorkeeper=" + v.VInDoorkeeper; p += "&VOutDoorkeeper=" + v.VOutDoorkeeper; p += "&VVisitingReason=" + v.VVisitingReason; p += "&VIntervieweeDept=" + v.VIntervieweeDept; p += "&VInterviewee=" + v.VInterviewee; p += "&VOffice=" + v.VOffice; p += "&VOfficePhone=" + v.VOfficePhone; p += "&VExtensionPhone=" + v.VExtensionPhone; p += "&VMobilePhone=" + v.VMobilePhone; p += "&VRemark=" + v.VRemark; string md5Ciphertext = v.VMD5Ciphertext;//对方传过来的所有字段的MD5密文 //把传过来的信息再次MD5加密,和所有字段的MD5密文进行比对,保证数据在传输过程中没被修改才允许添加到数据库 string md5P = MD5Helper._md5(p); if (md5Ciphertext == md5P) { string sql = "sp_addVisitorAccessInf"; SqlParameter[] pms = new SqlParameter[] { new SqlParameter("@VName", SqlDbType.NVarChar) { Value = RSAHelper.DecryptWithPrivateKey(privateKey, name) }, new SqlParameter("@VSex", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VSex) }, new SqlParameter("@VNation", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VNation) }, new SqlParameter("@VBirthDate", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VBirthDate) }, new SqlParameter("@VAddress", SqlDbType.NVarChar) { Value = RSAHelper.DecryptWithPrivateKey(privateKey, address) }, new SqlParameter("@VIssuingAuthority", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VIssuingAuthority) }, new SqlParameter("@VExpiryDate", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VExpiryDate) }, new SqlParameter("@VCertificatePhoto", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VCertificatePhoto, true) }, new SqlParameter("@VLocalePhoto", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VLocalePhoto, true) }, new SqlParameter("@VCertificateType", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VCertificateType) }, new SqlParameter("@VCertificateNumber", SqlDbType.NVarChar) { Value = RSAHelper.DecryptWithPrivateKey(privateKey, certificateNumber) }, new SqlParameter("@VType", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VType) }, new SqlParameter("@VFromCourtId", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VFromCourtId) }, new SqlParameter("@VInTime", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInTime) }, new SqlParameter("@VOutTime", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutTime) }, new SqlParameter("@VInPost", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInPost) }, new SqlParameter("@VOutPost", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutPost) }, new SqlParameter("@VInDoorkeeper", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInDoorkeeper) }, new SqlParameter("@VOutDoorkeeper", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOutDoorkeeper) }, new SqlParameter("@VVisitingReason", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VVisitingReason) }, new SqlParameter("@VIntervieweeDept", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VIntervieweeDept) }, new SqlParameter("@VInterviewee", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VInterviewee) }, new SqlParameter("@VOffice", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOffice) }, new SqlParameter("@VOfficePhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VOfficePhone) }, new SqlParameter("@VExtensionPhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VExtensionPhone) }, new SqlParameter("@VMobilePhone", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VMobilePhone) }, new SqlParameter("@VRemark", SqlDbType.NVarChar) { Value = DataHelper.IsNullReturnLine(v.VRemark) } }; try { int result = SQLHelper.ExecuteNonQuery(sql, System.Data.CommandType.StoredProcedure, pms); return(ConvertHelper.IntToJson(result)); } catch (Exception e) { //在webapi中要想抛出异常必须这样抛出,否则只抛出一个默认500的异常 var resp = new HttpResponseMessage(HttpStatusCode.InternalServerError) { Content = new StringContent(e.ToString()), ReasonPhrase = "error" }; throw new HttpResponseException(resp); } } else { return(ConvertHelper.resultJson(0, "数据传输过程中被篡改")); } }