public static void LogError(HttpContext Context, Procedure Procedure, Exception Exception)
{
int StatusCode; string Message;
if (Exception.Message.StartsWith("asql:"))
{
string[] Split = Exception.Message.Split(":".ToCharArray());
try { StatusCode = Convert.ToInt32(Split[1]); }
catch { StatusCode = 500; }
Message = Split[2];
}
else if (Exception.Message.Contains("Cannot insert duplicate key"))
{
StatusCode = 400;
Message = "A similar record already exists.";
}
else
{
StatusCode = 500; Message = UnexpectedError;
}
string IPAddress = Context.Request.UserHostAddress;
if (string.IsNullOrWhiteSpace(IPAddress))
{
IPAddress = "Unknown";
}
string RequestBody;
try { using (StreamReader Reader = new StreamReader(Context.Request.InputStream, Encoding.UTF8)) { RequestBody = Reader.ReadToEnd(); } }
catch { RequestBody = null; }
if (string.IsNullOrWhiteSpace(RequestBody))
{
RequestBody = null;
}
string ProcedureXML;
try { ProcedureXML = JsonConvert.DeserializeXmlNode(JsonConvert.SerializeObject(Procedure), "Procedure").InnerXml; }
catch { ProcedureXML = null; }
if (string.IsNullOrWhiteSpace(ProcedureXML))
{
ProcedureXML = null;
}
try
{
using (SqlConnection Connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["Database"].ConnectionString))
{
Connection.Open();
using (SqlCommand Command = new SqlCommand("apiErrorLog", Connection))
{
Command.CommandType = CommandType.StoredProcedure;
Command.Parameters.AddWithValue("IPAddress", IPAddress);
Command.Parameters.AddWithValue("URL", Context.Request.Path);
Command.Parameters.AddWithValue("QueryString", Context.Request.QueryString.ToString());
Command.Parameters.AddWithValue("RequestBody", RequestBody);
Command.Parameters.AddWithValue("Procedure", ProcedureXML);
Command.Parameters.AddWithValue("Exception", Exception.Message);
Command.Parameters.AddWithValue("Message", Message);
Command.Parameters.AddWithValue("StackTrace", new StackTrace(Exception, true).ToString());
Command.ExecuteNonQuery();
}
Connection.Close();
}
}
catch (Exception Ex) { Message = Ex.Message; }
Context.Response.Clear();
Context.Response.ContentType = "text/plain";
Context.Response.Write(Message);
Context.Response.StatusCode = StatusCode;
Context.Response.End();
}
public void ProcessRequest(HttpContext Context)
{
Context.Response.ContentType = "text/json";
Procedure Procedure = null;
try
{
if (!Procedure.TryParse(Context, out Procedure))
{
throw new InvalidOperationException("asql:400:Invalid request.");
}
if (string.IsNullOrWhiteSpace(Procedure.Token))
{
throw new UnauthorizedAccessException("asql:401:You must login to continue.");
}
Security.VerifyUser(Procedure.Token);
using (SqlConnection Connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["Database"].ConnectionString))
{
Connection.Open();
using (SqlTransaction Transaction = Connection.BeginTransaction(IsolationLevel.Serializable))
{
try
{
using (SqlCommand Command = new SqlCommand(Procedure.Name, Connection, Transaction))
{
Command.CommandType = CommandType.StoredProcedure;
foreach (Parameter Parameter in Procedure.Parameters)
{
if (Parameter.XML)
{
Command.Parameters.AddWithValue(Parameter.Name, JsonConvert.DeserializeXmlNode(JsonConvert.SerializeObject(Parameter.Value), "Object").InnerXml);
}
else
{
Command.Parameters.AddWithValue(Parameter.Name, Parameter.Value);
}
}
if (Procedure.UserId)
{
Command.Parameters.AddWithValue("UserId", Security.UserIdFromToken(Procedure.Token));
}
if (Procedure.Type == "execute")
{
Command.ExecuteNonQuery();
}
else if (Procedure.Type == "object")
{
using (XmlReader Reader = Command.ExecuteXmlReader())
{
XmlDocument Document = new XmlDocument();
Document.Load(Reader);
Context.Response.Write(JsonConvert.SerializeXmlNode(Document, Newtonsoft.Json.Formatting.Indented));
}
}
else
{
using (SqlDataReader Reader = Command.ExecuteReader((Procedure.Type == "singleton") ? CommandBehavior.SingleRow : CommandBehavior.SingleResult))
{
using (DataTable Table = new DataTable())
{
Table.Load(Reader);
Context.Response.Write(JsonConvert.SerializeObject(Table, Newtonsoft.Json.Formatting.Indented));
}
}
}
Transaction.Commit();
}
}
catch (Exception Exception) { Transaction.Rollback(); throw Exception; }
}
Connection.Close();
}
}
catch (Exception Exception) { Logging.LogError(Context, Procedure, Exception); }
}
