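/// <summary>
/// Builds a soft-delete operation: an UPDATE that sets <c>Deleted=1</c> on the table named by
/// the <c>DBBindTable</c> attribute of the runtime type of <paramref name="obj"/>.
/// </summary>
/// <param name="condition">
/// SQL fragment appended verbatim after <c>where</c>. It is not escaped or validated here.
/// </param>
/// <param name="obj">Instance whose type carries the <c>DBBindTable</c> attribute.</param>
/// <returns>
/// The populated operation, or <c>null</c> when the type has no <c>DBBindTable</c> attribute.
/// </returns>
public static DBOperator DelData(string condition, object obj)
{
    DBOperator dbOp = new DBOperator();
    dbOp.ExeType = SqlExeType.Delete;

    Type objType = obj.GetType();
    object[] propsTab = objType.GetCustomAttributes(typeof(DBBindTable), false);
    // GetCustomAttributes returns an empty array, not null, when the attribute is missing,
    // so the length must be checked before indexing element 0.
    if (propsTab == null || propsTab.Length == 0)
    {
        return null;
    }

    DBBindTable bindTab = propsTab[0] as DBBindTable;

    // SECURITY: 'condition' is concatenated into the statement as-is. Callers must build it
    // only from trusted constants or values that were already escaped; anything taken from a
    // request or another external source has to be sanitised before it reaches this method.
    dbOp.SqlCode = "update " + bindTab.Table + " set Deleted=1 where " + condition;
    return dbOp;
}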
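// Overload of the select builder.
/// <summary>
/// Builds a SELECT over every mapped field of the type of <paramref name="obj"/>, restricted to
/// rows with <c>Deleted=0</c>.
/// </summary>
/// <param name="condition">
/// Optional SQL fragment added as <c>and &lt;condition&gt;</c>; skipped when null or empty.
/// Inserted verbatim, without escaping.
/// </param>
/// <param name="obj">Instance whose type carries the <c>DBBindTable</c> attribute.</param>
/// <param name="prefix">Text placed directly before the column list, verbatim.</param>
/// <param name="aszAfter">Text placed after the WHERE clause, verbatim.</param>
/// <returns>
/// The populated operation, or <c>null</c> when the type has no <c>DBBindTable</c> attribute.
/// </returns>
public static DBOperator SelectData(string condition, object obj, string prefix, string aszAfter)
{
    DBOperator dbOp = new DBOperator();
    dbOp.ExeType = SqlExeType.Select;

    Type objType = obj.GetType();
    object[] propsTab = objType.GetCustomAttributes(typeof(DBBindTable), false);
    // GetCustomAttributes returns an empty array, not null, when the attribute is missing,
    // so the length must be checked before indexing element 0.
    if (propsTab == null || propsTab.Length == 0)
    {
        return null;
    }

    DBBindTable bindTab = propsTab[0] as DBBindTable;
    var clsDesc = RPC.IAutoSLClassDescManager.Instance.GetDBClassDesc(objType);

    // Comma-separated list of the mapped column names.
    string result = "";
    bool first = true;
    foreach (var dbBind in clsDesc.Fields)
    {
        if (!first)
        {
            result += ",";
        }
        result += dbBind.Field;
        first = false;
    }

    // SECURITY: 'condition', 'prefix' and 'aszAfter' are concatenated into the statement as-is.
    // Callers must pass only trusted constants or values that were already escaped.
    string whereClause = " where Deleted=0";
    if (!string.IsNullOrEmpty(condition))
    {
        whereClause += " and " + condition;
    }

    dbOp.SqlCode = "select " + prefix + result + " from " + bindTab.Table + whereClause + " " + aszAfter + EndLine;
    return dbOp;
}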
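/// <summary>
/// Builds an INSERT for every mapped field of <paramref name="obj"/>.
/// </summary>
/// <param name="keyCondition">Not read by this method.</param>
/// <param name="obj">Instance to insert; its type carries the <c>DBBindTable</c> attribute.</param>
/// <param name="existUpdate">Not read by this method.</param>
/// <returns>
/// The populated operation, or <c>null</c> when the type has no <c>DBBindTable</c> attribute.
/// </returns>
/// <remarks>
/// Enum values are written as their integer value, Guid values in "N" format, and byte[]
/// values are bound as a <c>MySqlParameter</c> named after the field. Every other value is
/// turned into text, passed through <c>SqlSafeString</c> and quoted; a null becomes ''.
/// </remarks>
public static DBOperator InsertData(string keyCondition, object obj, bool existUpdate)
{
    DBOperator dbOp = new DBOperator();
    dbOp.ExeType = SqlExeType.Insert;

    Type objType = obj.GetType();
    object[] propsTab = objType.GetCustomAttributes(typeof(DBBindTable), false);
    // GetCustomAttributes returns an empty array, not null, when the attribute is missing,
    // so the length must be checked before indexing element 0.
    if (propsTab == null || propsTab.Length == 0)
    {
        return null;
    }

    DBBindTable bindTab = propsTab[0] as DBBindTable;
    string fieldStr = "";
    string valueStr = "";
    bool first = true;
    var clsDesc = RPC.IAutoSLClassDescManager.Instance.GetDBClassDesc(objType);

    foreach (var dbBind in clsDesc.Fields)
    {
        System.Reflection.PropertyInfo p = dbBind.Property;
        object v = p.GetValue(obj, null);
        string valueSql;
        bool needStringFlag = true; // true: valueSql still has to be wrapped in single quotes

        if (p.PropertyType.IsEnum)
        {
            valueSql = System.Convert.ToInt32(v).ToString();
        }
        else if (p.PropertyType == typeof(System.DateTime))
        {
            // Fixed, culture-independent literal: the default ToString() follows the thread
            // culture and can produce text the server does not read as a date.
            valueSql = "'" + ((System.DateTime)v).ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture) + "'";
            needStringFlag = false;
        }
        else if (p.PropertyType == typeof(System.Guid))
        {
            valueSql = string.Format("\'{0}\'", ((System.Guid)v).ToString("N"));
            needStringFlag = false;
        }
        else if (p.PropertyType == typeof(byte[]))
        {
            // Binary data is bound as a parameter; the statement text holds only the placeholder.
            valueSql = System.String.Format("@{0}", dbBind.Field);
            needStringFlag = false;
            var param = new MySql.Data.MySqlClient.MySqlParameter(valueSql, v);
            dbOp.SqlParameters.Add(param);
        }
        else
        {
            valueSql = v != null ? v.ToString() : "";
            // SECURITY: SqlSafeString is the only SQL-injection barrier for this value.
            // NOTE(review): its implementation is not visible here. Confirm it escapes quotes
            // and backslashes for the server's SQL mode. Binding the value as a parameter, as
            // the byte[] branch does, would remove that dependency.
            valueSql = SqlSafeString(valueSql);
        }

        string literal = needStringFlag ? "\'" + valueSql + "\'" : valueSql;
        if (!first)
        {
            fieldStr += ",";
            valueStr += ",";
        }
        fieldStr += dbBind.Field;
        valueStr += literal;
        first = false;
    }

    dbOp.SqlCode = "insert into " + bindTab.Table + " (" + fieldStr + ") values (" + valueStr + ")\r\n";
    return dbOp;
}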
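/// <summary>
/// Builds an UPDATE that sets the mapped fields of <paramref name="obj"/>. Fields whose value
/// is null are skipped, as are fields equal to the same field of
/// <paramref name="templateobj"/> when a template is given.
/// </summary>
/// <param name="condition">
/// SQL fragment appended verbatim after <c>where</c>. It is not escaped or validated here.
/// </param>
/// <param name="obj">Instance holding the new values; its type carries <c>DBBindTable</c>.</param>
/// <param name="templateobj">
/// Optional baseline of the same runtime type; fields equal to it are left out.
/// </param>
/// <returns>
/// The populated operation, or <c>null</c> when the template has a different type, the type
/// has no <c>DBBindTable</c> attribute, or no field needs to be written.
/// </returns>
/// <remarks>
/// Enum values are written as their integer value, Guid values in "N" format, and byte[]
/// values are bound as a <c>MySqlParameter</c> named after the field. Every other value is
/// turned into text, passed through <c>SqlSafeString</c> and quoted.
/// </remarks>
public static DBOperator UpdateData(string condition, object obj, object templateobj)
{
    DBOperator dbOp = new DBOperator();
    dbOp.ExeType = SqlExeType.Update;

    if (templateobj != null && obj.GetType() != templateobj.GetType())
    {
        return null;
    }

    Type objType = obj.GetType();
    object[] propsTab = objType.GetCustomAttributes(typeof(DBBindTable), false);
    // GetCustomAttributes returns an empty array, not null, when the attribute is missing,
    // so the length must be checked before indexing element 0.
    if (propsTab == null || propsTab.Length == 0)
    {
        return null;
    }

    DBBindTable bindTab = propsTab[0] as DBBindTable;
    var clsDesc = RPC.IAutoSLClassDescManager.Instance.GetDBClassDesc(objType);
    bool first = true;
    string result = "";

    foreach (var dbBind in clsDesc.Fields)
    {
        System.Reflection.PropertyInfo p = dbBind.Property;
        object fv = p.GetValue(obj, null);
        if (fv == null)
        {
            continue; // null values are never written
        }
        if (templateobj != null && fv.Equals(p.GetValue(templateobj, null)))
        {
            continue; // unchanged relative to the template
        }

        string valueSql;
        bool needStringFlag = true; // true: valueSql still has to be wrapped in single quotes

        if (p.PropertyType.IsEnum)
        {
            valueSql = System.Convert.ToInt32(fv).ToString();
        }
        else if (p.PropertyType == typeof(System.DateTime))
        {
            // Fixed, culture-independent literal: the default ToString() follows the thread
            // culture and can produce text the server does not read as a date.
            valueSql = "'" + ((System.DateTime)fv).ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture) + "'";
            needStringFlag = false;
        }
        else if (p.PropertyType == typeof(System.Guid))
        {
            valueSql = System.String.Format("\'{0}\'", ((System.Guid)fv).ToString("N"));
            needStringFlag = false;
        }
        else if (p.PropertyType == typeof(byte[]))
        {
            // Binary data is bound as a parameter; the statement text holds only the placeholder.
            valueSql = System.String.Format("@{0}", dbBind.Field);
            needStringFlag = false;
            var param = new MySql.Data.MySqlClient.MySqlParameter(valueSql, fv);
            dbOp.SqlParameters.Add(param);
        }
        else
        {
            // SECURITY: SqlSafeString is the only SQL-injection barrier for this value.
            // NOTE(review): its implementation is not visible here. Confirm it escapes quotes
            // and backslashes for the server's SQL mode. Binding the value as a parameter, as
            // the byte[] branch does, would remove that dependency.
            valueSql = SqlSafeString(fv.ToString());
        }

        string literal = needStringFlag ? "\'" + valueSql + "\'" : valueSql;
        result += (first ? " set " : ",") + dbBind.Field + " = " + literal;
        first = false;
    }

    if (result == "")
    {
        return null;
    }

    // SECURITY: 'condition' is concatenated into the statement as-is. Callers must build it
    // only from trusted constants or values that were already escaped.
    dbOp.SqlCode = "update " + bindTab.Table + "\r\n" + result + "\r\n where " + condition;
    return dbOp;
}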