コード例 #1
0
        public static void Import(XmlDocument xml, ArrayList arrTables, bool bTruncate)
        {
            HttpResponse Response = HttpContext.Current.Response;
            // 12/16/2005 Paul.  First create a hash table to convert tab name to a uppercase table name.
            Hashtable   hashTables = new Hashtable();
            XmlNodeList nlTables   = xml.DocumentElement.ChildNodes;

            foreach (XmlNode node in nlTables)
            {
                if (!hashTables.ContainsKey(node.Name.ToUpper()))
                {
                    hashTables.Add(node.Name.ToUpper(), node.Name);
                }
            }

            ArrayList lstReservedTables = new ArrayList();

            lstReservedTables.Add("CONFIG");
            lstReservedTables.Add("DETAILVIEWS");
            lstReservedTables.Add("DETAILVIEWS_FIELDS");
            lstReservedTables.Add("DETAILVIEWS_RELATIONSHIPS");
            lstReservedTables.Add("EDITVIEWS");
            lstReservedTables.Add("EDITVIEWS_FIELDS");
            lstReservedTables.Add("GRIDVIEWS");
            lstReservedTables.Add("GRIDVIEWS_COLUMNS");
            lstReservedTables.Add("LANGUAGES");
            lstReservedTables.Add("MODULES");
            lstReservedTables.Add("SHORTCUTS");
            lstReservedTables.Add("TERMINOLOGY");
            lstReservedTables.Add("TIMEZONES");

            StringBuilder     sbErrors = new StringBuilder();
            DbProviderFactory dbf      = DbProviderFactories.GetFactory();

            if (arrTables == null)
            {
                arrTables = new ArrayList();
                using (IDbConnection con = dbf.CreateConnection())
                {
                    con.Open();
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = "select * from vwSqlTableDependencies order by 2, 1";
                        using (DbDataAdapter da = dbf.CreateDataAdapter())
                        {
                            ((IDbDataAdapter)da).SelectCommand = cmd;
                            using (DataTable dt = new DataTable())
                            {
                                da.Fill(dt);
                                for (int i = 0; i < dt.Rows.Count; i++)
                                {
                                    DataRow row = dt.Rows[i];
                                    arrTables.Add(row["name"].ToString());
                                }
                            }
                        }
                        if (bTruncate)
                        {
                            cmd.CommandText = "select * from vwSqlTableDependencies order by 2 desc, 1 desc";
                            using (DbDataAdapter da = dbf.CreateDataAdapter())
                            {
                                ((IDbDataAdapter)da).SelectCommand = cmd;
                                using (DataTable dt = new DataTable())
                                {
                                    da.Fill(dt);
                                    for (int i = 0; i < dt.Rows.Count && Response.IsClientConnected; i++)
                                    {
                                        DataRow row         = dt.Rows[i];
                                        string  sTABLE_NAME = row["name"].ToString().ToUpper();
                                        // 12/18/2005 Paul.  Some tables are reserved and should not be truncated or imported.
                                        if (lstReservedTables.Contains(sTABLE_NAME))
                                        {
                                            continue;
                                        }
                                        // 12/18/2005 Paul.  Only truncate tables that are being imported.
                                        if (hashTables.ContainsKey(sTABLE_NAME))
                                        {
                                            try
                                            {
                                                if (sTABLE_NAME == "USERS")
                                                {
                                                    // 12/17/2005 Paul.  Don't delete the existing user, otherwise it will cause a login problem in the future.
                                                    cmd.CommandText = "delete from USERS where ID != @ID";
                                                    Sql.AddParameter(cmd, "@ID", Security.USER_ID);
                                                }
                                                else
                                                {
                                                    cmd.CommandText = "delete from " + sTABLE_NAME;
                                                }
                                                cmd.ExecuteNonQuery();
                                                Response.Write(" ");                                                 // Write a singe byte to keep the connection open.
                                            }
                                            catch (Exception ex)
                                            {
                                                LogError(ref sbErrors, Sql.ExpandParameters(cmd), ex.Message);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            for (int i = 0; i < arrTables.Count && Response.IsClientConnected; i++)
            {
                string sTABLE_NAME = arrTables[i].ToString().ToUpper();
                // 12/18/2005 Paul.  Some tables are reserved and should not be truncated or imported.
                if (lstReservedTables.Contains(sTABLE_NAME))
                {
                    continue;
                }
                if (hashTables.ContainsKey(sTABLE_NAME))
                {
                    string sXML_TABLE_NAME = hashTables[sTABLE_NAME].ToString();

                    XmlNodeList nlRows = xml.DocumentElement.SelectNodes(sXML_TABLE_NAME);
                    if (nlRows.Count > 0)
                    {
                        SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "Import Database Table: " + sTABLE_NAME);
                        // 12/17/2005 Paul.  Use a new connection for each table import so that connection state will be reset.
                        // My main concern is that the identity_insert gets reset.
                        using (IDbConnection con = dbf.CreateConnection())
                        {
                            con.Open();
                            try
                            {
                                if (Sql.IsSQLServer(con))
                                {
                                    // 12/17/2005 Paul.  In SQL Server, turn on identity_insert.
                                    string sIDENTITY_NAME = String.Empty;
                                    switch (sIDENTITY_NAME)
                                    {
                                    case "BUGS": sIDENTITY_NAME = "BUGS";  break;

                                    case "CASES": sIDENTITY_NAME = "CASES";  break;

                                    case "CAMPAIGNS": sIDENTITY_NAME = "CAMPAIGNS";  break;

                                    case "PROSPECTS": sIDENTITY_NAME = "PROSPECTS";  break;
                                    }
                                    if (!Sql.IsEmptyString(sIDENTITY_NAME))
                                    {
                                        IDbCommand cmdIdentity = con.CreateCommand();
                                        cmdIdentity.CommandText = "set identity_insert " + sIDENTITY_NAME + " on";
                                        cmdIdentity.ExecuteNonQuery();
                                    }
                                }
                                else if (Sql.IsOracle(con))
                                {
                                    // 12/17/2005 Paul.  In Oracle, disable sequence triggers.
                                    string sTRIGGER_NAME = String.Empty;
                                    switch (sTABLE_NAME)
                                    {
                                    case "BUGS": sTRIGGER_NAME = "TR_S_BUGS_BUG_NUMBER";  break;

                                    case "CASES": sTRIGGER_NAME = "TR_S_CASES_CASE_NUMBER";  break;

                                    case "CAMPAIGNS": sTRIGGER_NAME = "TR_S_CAMPAIGNS_TRACKER_KEY";  break;

                                    case "PROSPECTS": sTRIGGER_NAME = "TR_S_PROSPECTS_TRACKER_KEY";  break;
                                    }
                                    if (!Sql.IsEmptyString(sTRIGGER_NAME))
                                    {
                                        IDbCommand cmdTrigger = con.CreateCommand();
                                        cmdTrigger.CommandText = "alter trigger " + sTRIGGER_NAME + " disable";
                                        cmdTrigger.ExecuteNonQuery();
                                    }
                                }

                                int        nTableErrors = 0;
                                IDbCommand cmdImport    = Sql.CreateInsertParameters(con, sTABLE_NAME);
                                foreach (XmlNode node in nlRows)
                                {
                                    if (!Response.IsClientConnected)
                                    {
                                        break;
                                    }
                                    foreach (IDataParameter par in cmdImport.Parameters)
                                    {
                                        par.Value = DBNull.Value;
                                    }
                                    for (int j = 0; j < node.ChildNodes.Count; j++)
                                    {
                                        // 12/18/2005 Paul.  A short-sighted programmer at SugarCRM created GUIDs with invalid characters.
                                        // We need to convert them to valid GUIDs.
                                        string sText = node.ChildNodes[j].InnerText;
                                        // 08/20/2006 Paul.  Dynamically attempt to fix invalid GUIDs. It really only works for the ones defined below.
                                        string sName = node.ChildNodes[j].Name.ToUpper();
                                        if (sName == "ID" || sName.EndsWith("_ID"))
                                        {
                                            if (sText.Length < 36)
                                            {
                                                sText = "00000000-0000-0000-0000-000000000000".Substring(0, 36 - sText.Length) + sText;
                                            }
                                        }
                                        switch (sText)
                                        {
                                        case "00000000-0000-0000-0000-000000jim_id":  sText = "00000000-0000-0000-0001-000000000000";  break;

                                        case "00000000-0000-0000-0000-000000max_id":  sText = "00000000-0000-0000-0002-000000000000";  break;

                                        case "00000000-0000-0000-0000-00000will_id":  sText = "00000000-0000-0000-0003-000000000000";  break;

                                        case "00000000-0000-0000-0000-0000chris_id":  sText = "00000000-0000-0000-0004-000000000000";  break;

                                        case "00000000-0000-0000-0000-0000sally_id":  sText = "00000000-0000-0000-0005-000000000000";  break;

                                        case "00000000-0000-0000-0000-0000sarah_id":  sText = "00000000-0000-0000-0006-000000000000";  break;
                                        }
                                        Sql.SetParameter(cmdImport, node.ChildNodes[j].Name, sText);
                                    }
                                    // 12/18/2005 Paul.  ID can never be NULL.  SugarCRM does not use an ID in the CONFIG or USERS_FEEDS table.
                                    IDbDataParameter parID = Sql.FindParameter(cmdImport, "@ID");
                                    if (parID != null)
                                    {
                                        // 12/18/2005 Paul. GUIDs from SugarCRM may not be 36 characters.
                                        string sID = Sql.ToString(parID.Value);
                                        if (parID.Value != DBNull.Value)
                                        {
                                            if (sID.Length < 36)
                                            {
                                                // 07/31/2006 Paul.  Stop using VisualBasic library to increase compatibility with Mono.
                                                parID.Value = "00000000-0000-0000-0000-000000000000".Substring(0, 36 - sID.Length) + sID;
                                            }
                                        }
                                        if (Sql.IsEmptyGuid(parID.Value))
                                        {
                                            if (parID.DbType == DbType.Guid)
                                            {
                                                parID.Value = Guid.NewGuid();
                                            }
                                            else
                                            {
                                                parID.Value = Guid.NewGuid().ToString();
                                            }
                                        }
                                    }
                                    // 12/18/2005 Paul.  DATE_ENTERED can never be NULL.  SugarCRM does not use DATE_ENTERED in a number of tables.
                                    IDbDataParameter parDATE_ENTERED = Sql.FindParameter(cmdImport, "@DATE_ENTERED");
                                    if (parDATE_ENTERED != null)
                                    {
                                        if (parDATE_ENTERED.Value == DBNull.Value)
                                        {
                                            parDATE_ENTERED.Value = DateTime.Now;
                                        }
                                    }
                                    // 12/18/2005 Paul.  DATE_MODIFIED can never be NULL.  SugarCRM does not use DATE_MODIFIED in a number of tables.
                                    IDbDataParameter parDATE_MODIFIED = Sql.FindParameter(cmdImport, "@DATE_MODIFIED");
                                    if (parDATE_MODIFIED != null)
                                    {
                                        if (parDATE_MODIFIED.Value == DBNull.Value)
                                        {
                                            parDATE_MODIFIED.Value = DateTime.Now;
                                        }
                                    }
                                    try
                                    {
                                        cmdImport.ExecuteNonQuery();
                                        Response.Write(" ");
                                    }
                                    catch (Exception ex)
                                    {
                                        LogError(ref sbErrors, Sql.ExpandParameters(cmdImport), ex.Message);
                                        // 12/17/2005 Paul.  If there is an error, stop importing from this table.
                                        // 12/18/2005 Paul.  I'd like to see the first 100 errors.
                                        nTableErrors++;
                                        if (nTableErrors > 100)
                                        {
                                            break;
                                        }
                                    }
                                }
                            }
                            catch (Exception ex)
                            {
                                LogError(ref sbErrors, sTABLE_NAME, ex.Message);
                            }
                            finally
                            {
                                try
                                {
                                    if (Sql.IsSQLServer(con))
                                    {
                                        // 12/17/2005 Paul.  In SQL Server, turn off identity_insert.
                                        string sIDENTITY_NAME = String.Empty;
                                        switch (sIDENTITY_NAME)
                                        {
                                        case "BUGS": sIDENTITY_NAME = "BUGS";  break;

                                        case "CASES": sIDENTITY_NAME = "CASES";  break;

                                        case "CAMPAIGNS": sIDENTITY_NAME = "CAMPAIGNS";  break;

                                        case "PROSPECTS": sIDENTITY_NAME = "PROSPECTS";  break;
                                        }
                                        if (!Sql.IsEmptyString(sIDENTITY_NAME))
                                        {
                                            IDbCommand cmdIdentity = con.CreateCommand();
                                            cmdIdentity.CommandText = "set identity_insert " + sIDENTITY_NAME + " off";
                                            cmdIdentity.ExecuteNonQuery();
                                        }
                                    }
                                    else if (Sql.IsOracle(con))
                                    {
                                        // 12/17/2005 Paul.  In Oracle, enable sequence triggers.
                                        string sTRIGGER_NAME = String.Empty;
                                        switch (sTABLE_NAME)
                                        {
                                        case "BUGS": sTRIGGER_NAME = "TR_S_BUGS_BUG_NUMBER";  break;

                                        case "CASES": sTRIGGER_NAME = "TR_S_CASES_CASE_NUMBER";  break;

                                        case "CAMPAIGNS": sTRIGGER_NAME = "TR_S_CAMPAIGNS_TRACKER_KEY";  break;

                                        case "PROSPECTS": sTRIGGER_NAME = "TR_S_PROSPECTS_TRACKER_KEY";  break;
                                        }
                                        if (!Sql.IsEmptyString(sTRIGGER_NAME))
                                        {
                                            IDbCommand cmdTrigger = con.CreateCommand();
                                            cmdTrigger.CommandText = "alter trigger " + sTRIGGER_NAME + " enable";
                                            cmdTrigger.ExecuteNonQuery();
                                        }
                                    }
                                }
                                catch (Exception ex)
                                {
                                    LogError(ref sbErrors, sTABLE_NAME, ex.Message);
                                }
                            }
                        }
                        Response.Write(" ");                         // Write a singe byte to keep the connection open.
                    }
                }
            }
            // 12/18/2005 Paul.  Reserved tables will still be imported, but we use the associated spXXX_Update procedure.
            for (int i = 0; i < arrTables.Count && Response.IsClientConnected; i++)
            {
                string sTABLE_NAME = arrTables[i].ToString().ToUpper();
                if (hashTables.ContainsKey(sTABLE_NAME) && lstReservedTables.Contains(sTABLE_NAME))
                {
                    string sXML_TABLE_NAME = hashTables[sTABLE_NAME].ToString();

                    XmlNodeList nlRows = xml.DocumentElement.SelectNodes(sXML_TABLE_NAME);
                    if (nlRows.Count > 0)
                    {
                        SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "Import Database Table: " + sTABLE_NAME);
                        // 12/17/2005 Paul.  Use a new connection for each table import so that connection state will be reset.
                        // My main concern is that the identity_insert gets reset.
                        using (IDbConnection con = dbf.CreateConnection())
                        {
                            con.Open();
                            try
                            {
                                int        nTableErrors = 0;
                                IDbCommand cmdImport    = SqlProcs.Factory(con, "sp" + sTABLE_NAME + "_Update");
                                foreach (XmlNode node in nlRows)
                                {
                                    if (!Response.IsClientConnected)
                                    {
                                        break;
                                    }
                                    foreach (IDataParameter par in cmdImport.Parameters)
                                    {
                                        par.Value = DBNull.Value;
                                    }
                                    for (int j = 0; j < node.ChildNodes.Count; j++)
                                    {
                                        string sText = node.ChildNodes[j].InnerText;
                                        Sql.SetParameter(cmdImport, node.ChildNodes[j].Name, sText);
                                    }
                                    // 12/18/2005 Paul.  ID can never be NULL.  SugarCRM does not use an ID in the CONFIG or USERS_FEEDS table.
                                    IDbDataParameter parID = Sql.FindParameter(cmdImport, "@ID");
                                    if (parID != null)
                                    {
                                        // 12/18/2005 Paul. GUIDs from SugarCRM may not be 36 characters.
                                        string sID = Sql.ToString(parID.Value);
                                        if (parID.Value != DBNull.Value)
                                        {
                                            if (sID.Length < 36)
                                            {
                                                // 07/31/2006 Paul.  Stop using VisualBasic library to increase compatibility with Mono.
                                                parID.Value = "00000000-0000-0000-0000-000000000000".Substring(0, 36 - sID.Length) + sID;
                                            }
                                        }
                                    }
                                    try
                                    {
                                        cmdImport.ExecuteNonQuery();
                                        Response.Write(" ");
                                    }
                                    catch (Exception ex)
                                    {
                                        LogError(ref sbErrors, Sql.ExpandParameters(cmdImport), ex.Message);
                                        // 12/17/2005 Paul.  If there is an error, stop importing from this table.
                                        // 12/18/2005 Paul.  I'd like to see the first 100 errors.
                                        nTableErrors++;
                                        if (nTableErrors > 100)
                                        {
                                            break;
                                        }
                                    }
                                }
                            }
                            catch (Exception ex)
                            {
                                LogError(ref sbErrors, sTABLE_NAME, ex.Message);
                            }
                        }
                        Response.Write(" ");                         // Write a singe byte to keep the connection open.
                    }
                }
            }
            if (sbErrors.Length > 0)
            {
                throw(new Exception(sbErrors.ToString()));
            }
        }
コード例 #2
0
        public string BuildQuery(string sCondition, string sField, bool bTextField)
        {
            StringBuilder sbSqlQuery = new StringBuilder();
            int           nNotFlag   = 0;
            bool          bOrFlag    = false;
            int           nQueryLine = 0;
            int           nLessFlag  = 0;
            bool          bEqualFlag = false;

            sbSqlQuery.Append(sCondition);
            sbSqlQuery.Append("(");

            bool bIsOracle        = false;
            bool bIsDB2           = false;
            bool bIsMySQL         = false;
            DbProviderFactory dbf = DbProviderFactories.GetFactory();

            using (IDbConnection con = dbf.CreateConnection())
            {
                using (IDbCommand cmd = con.CreateCommand())
                {
                    bIsOracle = Sql.IsOracle(cmd);
                    bIsDB2    = Sql.IsDB2(cmd);
                    bIsMySQL  = Sql.IsMySQL(cmd);
                }
            }
            // 07/16/2006 Paul.  Now that we know the database platform, only use the upper clause if Oracle or DB2.
            if (bIsOracle || bIsDB2)
            {
                //Can't do an upper() on NTEXT.  SQL Server complains.
                // 01/16/2008 Paul.  We don't use the bTextField anymore, and I could not find any places where we searched an NTEXT field anyway.
                //if ( !bTextField )
                sField = "upper(" + sField + ")";
            }

            foreach (string sThisToken in m_arrTokens)
            {
                if (m_bFeatureMIMUS && sThisToken == "-")
                {
                    nNotFlag = 1;
                }
                else if (m_bFeaturePLUS && sThisToken == "+")
                {
                    nNotFlag = 2;
                }
                else if (m_bFeatureOR && (sThisToken == m_sTermOR || sThisToken == "OR"))
                {
                    bOrFlag = true;
                }
                else if (m_bFeatureAND && (sThisToken == m_sTermAND || sThisToken == "AND"))
                {
                    bOrFlag = false;
                }
                else if (m_bFeatureNOT && (sThisToken == m_sTermNOT || sThisToken == "NOT"))
                {
                    nNotFlag = 1;
                }
                // 12/17/2007 Paul.  Add support for <, <=, > and >=.
                else if (m_bFeatureLESS && sThisToken == "<")
                {
                    nLessFlag = 1;
                }
                else if (m_bFeatureLESS && sThisToken == ">")
                {
                    nLessFlag = -1;
                }
                // 12/17/2007 Paul.  Add support for ! and !=.  They are both the same.
                else if (m_bFeatureEXCL && sThisToken == "!")
                {
                    nNotFlag = 1;
                }
                else if (m_bFeatureEQUAL && sThisToken == "=")
                {
                    bEqualFlag = true;
                }
                else
                {
                    if (sThisToken.Length > 0)
                    {
                        //Google ignores single digit and single letters unless + or - is used.
                        if (!m_bFeatureSINGLE || nNotFlag > 0 || sThisToken.Length > 1 || !Char.IsLetterOrDigit(sThisToken[0]))
                        {
                            //Ignore quoted strings that contain nothing after the quote.
                            if (sThisToken[0] != '\"' || sThisToken.Length > 1)
                            {
                                //Add spaces to the line to align the fields.
                                if (nQueryLine > 0)
                                {
                                    sbSqlQuery.Append(Strings.Space(sCondition.Length));
                                    if (bOrFlag)
                                    {
                                        sbSqlQuery.Append("    or ");
                                    }
                                    else
                                    {
                                        sbSqlQuery.Append("   and ");
                                    }
                                }
                                else
                                {
                                    sbSqlQuery.Append("      ");
                                }
                                if (nNotFlag == 1)
                                {
                                    sbSqlQuery.Append("not ");
                                }
                                else
                                {
                                    sbSqlQuery.Append("    ");
                                }

                                //Remove the double quote flag from a quoted string.
                                string sToken = sThisToken;
                                if (sToken[0] == '\"')
                                {
                                    sToken = sThisToken.Substring(1);
                                }

                                // 12/17/2007 Paul.  Wildcards will have a higher priority over greater than or less than.
                                if (m_bFeatureSTAR && sToken.IndexOf('*') >= 0)
                                {
                                    //Escape to prevent use of % as a wild-card.
                                    sToken = EscapeLike(sToken);
                                    // 07/16/2006 Paul.  SQL Server, Oracle and DB2 all support the ESCAPE '\' clause.
                                    if (bIsMySQL)
                                    {
                                        sToken = sToken.Replace("\\", "\\\\");
                                    }
                                    sToken = sToken.Replace("*", "%");
                                    sbSqlQuery.Append(sField + " like '" + sToken + "'");
                                    // 07/16/2006 Paul.  MySQL requires that slashes be escaped, even in the escape clause.
                                    if (bIsMySQL)
                                    {
                                        sbSqlQuery.Append(" escape '\\\\'" + ControlChars.CrLf);
                                    }
                                    else
                                    {
                                        sbSqlQuery.Append(" escape '\\'" + ControlChars.CrLf);
                                    }
                                }
                                else
                                {
                                    if (nLessFlag == 0)
                                    {
                                        if (bEqualFlag)
                                        {
                                            // 12/17/2007 Paul.  Single quotes need to be manually escaped.
                                            sToken = EscapeSql(sToken);
                                            sbSqlQuery.Append(sField + " = '" + sToken + "'");
                                        }
                                        else
                                        {
                                            //Escape to prevent use of % as a wild-card.
                                            sToken = EscapeLike(sToken);
                                            // 07/16/2006 Paul.  SQL Server, Oracle and DB2 all support the ESCAPE '\' clause.
                                            if (bIsMySQL)
                                            {
                                                sToken = sToken.Replace("\\", "\\\\");
                                            }
                                            sbSqlQuery.Append(sField + " like '%" + sToken + "%'");
                                            // 07/16/2006 Paul.  MySQL requires that slashes be escaped, even in the escape clause.
                                            if (bIsMySQL)
                                            {
                                                sbSqlQuery.Append(" escape '\\\\'" + ControlChars.CrLf);
                                            }
                                            else
                                            {
                                                sbSqlQuery.Append(" escape '\\'" + ControlChars.CrLf);
                                            }
                                        }
                                    }
                                    else
                                    {
                                        // 12/17/2007 Paul.  Single quotes need to be manually escaped.
                                        sToken = EscapeSql(sToken);
                                        if (nLessFlag == 1)
                                        {
                                            if (bEqualFlag)
                                            {
                                                sbSqlQuery.Append(sField + " <= '" + sToken + "'");
                                            }
                                            else
                                            {
                                                sbSqlQuery.Append(sField + " < '" + sToken + "'");
                                            }
                                        }
                                        else if (nLessFlag == -1)
                                        {
                                            if (bEqualFlag)
                                            {
                                                sbSqlQuery.Append(sField + " >= '" + sToken + "'");
                                            }
                                            else
                                            {
                                                sbSqlQuery.Append(sField + " > '" + sToken + "'");
                                            }
                                        }
                                    }
                                }

                                nQueryLine += 1;
                            }
                        }
                    }
                    nNotFlag   = 0;
                    bOrFlag    = false;
                    bEqualFlag = false;
                    nLessFlag  = 0;
                }
            }
            if (nQueryLine > 0)
            {
                sbSqlQuery.Append(Strings.Space(sCondition.Length) + ")" + ControlChars.CrLf);
                return(sbSqlQuery.ToString());
            }
            return(String.Empty);
        }
コード例 #3
0
        public static bool LoginUser(string sUSER_NAME, string sPASSWORD, string sTHEME, string sLANGUAGE, string sUSER_DOMAIN, bool bIS_ADMIN)
        {
            HttpApplicationState Application = HttpContext.Current.Application;
            HttpSessionState     Session     = HttpContext.Current.Session;

            bool bValidUser       = false;
            DbProviderFactory dbf = DbProviderFactories.GetFactory();

            using (IDbConnection con = dbf.CreateConnection())
            {
                con.Open();
                string sSQL;
                // 03/22/2006 Paul.  The user name should be case-insignificant.  The password is case-significant.
                // 03/22/2006 Paul.  DB2 does not like lower(USER_NAME) = lower(@USER_NAME).  It returns the following error.
                // ERROR [42610] [IBM][DB2/NT] SQL0418N A statement contains a use of a parameter marker that is not valid. SQLSTATE=42610
                // 05/23/2006 Paul.  Use vwUSERS_Login so that USER_HASH can be removed from vwUSERS to prevent its use in reports.
                sSQL = "select ID                           " + ControlChars.CrLf
                       + "     , USER_NAME                    " + ControlChars.CrLf
                       + "     , FULL_NAME                    " + ControlChars.CrLf
                       + "     , IS_ADMIN                     " + ControlChars.CrLf
                       + "     , STATUS                       " + ControlChars.CrLf
                       + "     , PORTAL_ONLY                  " + ControlChars.CrLf
                       + "  from vwUSERS_Login                " + ControlChars.CrLf
                       + " where lower(USER_NAME) = @USER_NAME" + ControlChars.CrLf;
                using (IDbCommand cmd = con.CreateCommand())
                {
                    cmd.CommandText = sSQL;

/*
 #if DEBUG
 *                                      if ( sUSER_NAME == "paulrony" && Sql.ToString(Application["SplendidProvider"]) == "MySql.Data" )
 *                                              sUSER_NAME = "admin";
 #endif
 */
                    // 03/22/2006 Paul.  Convert the name to lowercase here.
                    Sql.AddParameter(cmd, "@USER_NAME", sUSER_NAME.ToLower());
                    // 11/19/2005 Paul.  sUSER_DOMAIN is used to determine if NTLM is enabled.
                    if (Sql.IsEmptyString(sUSER_DOMAIN))
                    {
                        if (!Sql.IsEmptyString(sPASSWORD))
                        {
                            string sUSER_HASH = Security.HashPassword(sPASSWORD);
                            cmd.CommandText += "   and USER_HASH = @USER_HASH" + ControlChars.CrLf;
                            Sql.AddParameter(cmd, "@USER_HASH", sUSER_HASH);
                        }
                        else
                        {
                            // 11/19/2005 Paul.  Handle the special case of the password stored as NULL or empty string.
                            cmd.CommandText += "   and (USER_HASH = '' or USER_HASH is null)" + ControlChars.CrLf;
                        }
                    }
                    using (IDataReader rdr = cmd.ExecuteReader())
                    {
                        string sApplicationPath = Sql.ToString(Application["rootURL"]);
                        if (rdr.Read())
                        {
                            // 11/19/2005 Paul.  Clear all session values.
                            Session.Clear();
                            Security.USER_ID     = Sql.ToGuid(rdr["ID"]);
                            Security.USER_NAME   = Sql.ToString(rdr["USER_NAME"]);
                            Security.FULL_NAME   = Sql.ToString(rdr["FULL_NAME"]);
                            Security.IS_ADMIN    = Sql.ToBoolean(rdr["IS_ADMIN"]);
                            Security.PORTAL_ONLY = Sql.ToBoolean(rdr["PORTAL_ONLY"]);

                            Guid gUSER_ID = Sql.ToGuid(rdr["ID"]);
                            // 08/08/2006 Paul.  Don't supply the Language as it prevents the user value from being used.
                            // This bug is a hold-over from the time we removed the Lauguage combo from the login screen.
                            LoadUserPreferences(gUSER_ID, sTHEME, String.Empty);
                            LoadUserACL(gUSER_ID);
                            bValidUser = true;
                            SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "User login.");
                        }
                        else if (Security.IsWindowsAuthentication())
                        {
                            // 11/04/2005.  If user does not exist, then create it, but only if NTLM is used.
                            Guid gUSER_ID = Guid.Empty;
                            SqlProcs.spUSERS_InsertNTLM(ref gUSER_ID, sUSER_DOMAIN, sUSER_NAME, bIS_ADMIN);

                            // 11/19/2005 Paul.  Clear all session values.
                            Session.Clear();
                            Security.USER_ID     = gUSER_ID;
                            Security.USER_NAME   = sUSER_NAME;
                            Security.IS_ADMIN    = bIS_ADMIN;
                            Security.PORTAL_ONLY = false;
                            // 11/21/2005 Paul.  Load the preferences to initialize cuture, date, time and currency preferences.
                            LoadUserPreferences(gUSER_ID, String.Empty, String.Empty);
                            LoadUserACL(gUSER_ID);
                            bValidUser = true;
                            SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "User login.");
                        }
                        else
                        {
                            // 11/22/2005 Paul.  Initialize preferences even if login fails so that the theme gets set to the default value.
                            LoadUserPreferences(Guid.Empty, String.Empty, String.Empty);
                        }
                    }
                }
            }
            return(bValidUser);            // throw(new Exception("Users.ERR_INVALID_PASSWORD"));
        }
コード例 #4
0
        public static void InitTerminology()
        {
            try
            {
                HttpApplicationState Application = HttpContext.Current.Application;
                DbProviderFactory    dbf         = DbProviderFactories.GetFactory();
                using (IDbConnection con = dbf.CreateConnection())
                {
                    con.Open();
                    string sSQL;
                    sSQL = "select NAME             " + ControlChars.CrLf
                           + "     , LANG             " + ControlChars.CrLf
                           + "     , MODULE_NAME      " + ControlChars.CrLf
                           + "     , DISPLAY_NAME     " + ControlChars.CrLf
                           + "  from vwTERMINOLOGY    " + ControlChars.CrLf
                           + " where LIST_NAME is null" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
// 01/20/2006 Paul.  Enable all languages when debugging.
//#if DEBUG
//						sSQL += "   and LANG = 'en-us'" + ControlChars.CrLf;
//#endif
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                //Application[Sql.ToString(rdr["LANG"]) + "." + Sql.ToString(rdr["MODULE_NAME"]) + "." + Sql.ToString(rdr["NAME"])] = Sql.ToString(rdr["DISPLAY_NAME"]);
                                string sLANG         = Sql.ToString(rdr["LANG"]);
                                string sMODULE_NAME  = Sql.ToString(rdr["MODULE_NAME"]);
                                string sNAME         = Sql.ToString(rdr["NAME"]);
                                string sDISPLAY_NAME = Sql.ToString(rdr["DISPLAY_NAME"]);
                                L10N.SetTerm(sLANG, sMODULE_NAME, sNAME, sDISPLAY_NAME);
                            }
                        }
                    }
                    sSQL = "select NAME                 " + ControlChars.CrLf
                           + "     , LANG                 " + ControlChars.CrLf
                           + "     , MODULE_NAME          " + ControlChars.CrLf
                           + "     , LIST_NAME            " + ControlChars.CrLf
                           + "     , DISPLAY_NAME         " + ControlChars.CrLf
                           + "  from vwTERMINOLOGY        " + ControlChars.CrLf
                           + " where LIST_NAME is not null" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
// 01/20/2006 Paul.  Enable all languages when debugging.
//#if DEBUG
//						sSQL += "   and LANG = 'en-us'" + ControlChars.CrLf;
//#endif
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                // 01/13/2006 Paul.  Don't include MODULE_NAME when used with a list.
                                // DropDownLists are populated without the module name in the list name.
                                // 01/13/2006 Paul.  We can remove the module, but not the dot.
                                // Otherwise it breaks all other code that references a list term.
                                //Application[Sql.ToString(rdr["LANG"]) + "." + sMODULE_NAME + "." + Sql.ToString(rdr["LIST_NAME"]) + "." + Sql.ToString(rdr["NAME"])] = Sql.ToString(rdr["DISPLAY_NAME"]);
                                string sLANG         = Sql.ToString(rdr["LANG"]);
                                string sMODULE_NAME  = Sql.ToString(rdr["MODULE_NAME"]);
                                string sNAME         = Sql.ToString(rdr["NAME"]);
                                string sLIST_NAME    = Sql.ToString(rdr["LIST_NAME"]);
                                string sDISPLAY_NAME = Sql.ToString(rdr["DISPLAY_NAME"]);
                                L10N.SetTerm(sLANG, sMODULE_NAME, sLIST_NAME, sNAME, sDISPLAY_NAME);
                            }
                        }
                    }

                    sSQL = "select ALIAS_NAME           " + ControlChars.CrLf
                           + "     , ALIAS_MODULE_NAME    " + ControlChars.CrLf
                           + "     , ALIAS_LIST_NAME      " + ControlChars.CrLf
                           + "     , NAME                 " + ControlChars.CrLf
                           + "     , MODULE_NAME          " + ControlChars.CrLf
                           + "     , LIST_NAME            " + ControlChars.CrLf
                           + "  from vwTERMINOLOGY_ALIASES" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                string sALIAS_NAME        = Sql.ToString(rdr["ALIAS_NAME"]);
                                string sALIAS_MODULE_NAME = Sql.ToString(rdr["ALIAS_MODULE_NAME"]);
                                string sALIAS_LIST_NAME   = Sql.ToString(rdr["ALIAS_LIST_NAME"]);
                                string sNAME        = Sql.ToString(rdr["NAME"]);
                                string sMODULE_NAME = Sql.ToString(rdr["MODULE_NAME"]);
                                string sLIST_NAME   = Sql.ToString(rdr["LIST_NAME"]);
                                L10N.SetAlias(sALIAS_MODULE_NAME, sALIAS_LIST_NAME, sALIAS_NAME, sMODULE_NAME, sLIST_NAME, sNAME);
                            }
                        }
                    }

                    // 07/13/2006 Paul.  The reporting module needs a quick way to translate a module name to a table name.
                    sSQL = "select MODULE_NAME" + ControlChars.CrLf
                           + "     , TABLE_NAME " + ControlChars.CrLf
                           + "  from vwMODULES  " + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                string sMODULE_NAME = Sql.ToString(rdr["MODULE_NAME"]);
                                string sTABLE_NAME  = Sql.ToString(rdr["TABLE_NAME"]);
                                Application["Modules." + sMODULE_NAME + ".TableName"] = sTABLE_NAME;
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex.Message);
                //HttpContext.Current.Response.Write(ex.Message);
            }
        }
コード例 #5
0
        public static void LoadUserPreferences(Guid gID, string sTheme, string sCulture)
        {
            HttpApplicationState Application = HttpContext.Current.Application;
            HttpSessionState     Session     = HttpContext.Current.Session;
            string sApplicationPath          = Sql.ToString(Application["rootURL"]);

            DbProviderFactory dbf = DbProviderFactories.GetFactory();

            using (IDbConnection con = dbf.CreateConnection())
            {
                string sSQL;
                sSQL = "select *           " + ControlChars.CrLf
                       + "  from vwUSERS_Edit" + ControlChars.CrLf
                       + " where ID = @ID    " + ControlChars.CrLf;
                using (IDbCommand cmd = con.CreateCommand())
                {
                    cmd.CommandText = sSQL;
                    Sql.AddParameter(cmd, "@ID", gID);
                    con.Open();
                    using (IDataReader rdr = cmd.ExecuteReader(CommandBehavior.SingleRow))
                    {
                        if (rdr.Read())
                        {
                            string sUSER_PREFERENCES = Sql.ToString(rdr["USER_PREFERENCES"]);
                            if (!Sql.IsEmptyString(sUSER_PREFERENCES))
                            {
                                XmlDocument xml = InitUserPreferences(sUSER_PREFERENCES);
                                Session["USER_PREFERENCES"] = xml.OuterXml;
                                // 11/19/2005 Paul.  Not sure why the login screen has the language, but it would seem to allow overriding the default.
                                if (Sql.IsEmptyString(sCulture))
                                {
                                    sCulture = XmlUtil.SelectSingleNode(xml, "culture").Replace("_", "-");
                                }
                                // 11/22/2005 Paul.  The theme can be overridden as well.
                                if (Sql.IsEmptyString(sTheme))
                                {
                                    sTheme = XmlUtil.SelectSingleNode(xml, "theme").Replace("_", "-");
                                }
                                Session["USER_SETTINGS/CULTURE"] = sCulture;
                                Session["USER_SETTINGS/THEME"]   = sTheme;
                                Session["themeURL"] = sApplicationPath + "Themes/" + sTheme + "/";
                                Session["USER_SETTINGS/DATEFORMAT"] = XmlUtil.SelectSingleNode(xml, "dateformat");
                                Session["USER_SETTINGS/TIMEFORMAT"] = XmlUtil.SelectSingleNode(xml, "timeformat");
                                // 01/21/2006 Paul.  It is useful to have quick access to email address.
                                Session["USER_SETTINGS/MAIL_FROMNAME"]    = XmlUtil.SelectSingleNode(xml, "mail_fromname");
                                Session["USER_SETTINGS/MAIL_FROMADDRESS"] = XmlUtil.SelectSingleNode(xml, "mail_fromaddress");
                                // 05/09/2006 Paul.  Initialize the numeric separators.
                                Session["USER_SETTINGS/GROUP_SEPARATOR"]   = XmlUtil.SelectSingleNode(xml, "num_grp_sep");
                                Session["USER_SETTINGS/DECIMAL_SEPARATOR"] = XmlUtil.SelectSingleNode(xml, "dec_sep");
                                try
                                {
                                    Session["USER_SETTINGS/TIMEZONE"] = Sql.ToGuid(XmlUtil.SelectSingleNode(xml, "timezone")).ToString();
                                }
                                catch
                                {
                                    SplendidError.SystemError(new StackTrace(true).GetFrame(0), "Invalid USER_SETTINGS/TIMEZONE: " + XmlUtil.SelectSingleNode(xml, "timezone"));
                                }
                                try
                                {
                                    Session["USER_SETTINGS/CURRENCY"] = XmlUtil.SelectSingleNode(xml, "currency_id");
                                }
                                catch
                                {
                                    SplendidError.SystemError(new StackTrace(true).GetFrame(0), "Invalid USER_SETTINGS/CURRENCY: " + XmlUtil.SelectSingleNode(xml, "currency_id"));
                                }

                                DataView vwCurrencies = new DataView(SplendidCache.Currencies());
                                vwCurrencies.RowFilter = "ID = '" + XmlUtil.SelectSingleNode(xml, "currency_id") + "'";
                                if (vwCurrencies.Count > 0)
                                {
                                    Session["USER_SETTINGS/CURRENCY_SYMBOL"] = Sql.ToString(vwCurrencies[0]["SYMBOL"]);
                                }
                            }
                        }
                    }
                }
                // 11/21/2005 Paul.  New users may not have any settings, so we need to initialize the defaults.
                // It is best to do it here rather than wrap the variables in a function that would return the default if null.
                sCulture = Sql.ToString(Session["USER_SETTINGS/CULTURE"]);
                sTheme   = Sql.ToString(Session["USER_SETTINGS/THEME"]);
                string sDateFormat = Sql.ToString(Session["USER_SETTINGS/DATEFORMAT"]);
                string sTimeFormat = Sql.ToString(Session["USER_SETTINGS/TIMEFORMAT"]);
                string sTimeZone   = Sql.ToString(Session["USER_SETTINGS/TIMEZONE"]);
                string sCurrencyID = Sql.ToString(Session["USER_SETTINGS/CURRENCY"]);
                if (Sql.IsEmptyString(sCulture))
                {
                    Session["USER_SETTINGS/CULTURE"] = SplendidDefaults.Culture();
                }
                if (Sql.IsEmptyString(sTheme))
                {
                    sTheme = SplendidDefaults.Theme();
                    Session["USER_SETTINGS/THEME"] = sTheme;
                    Session["themeURL"]            = sApplicationPath + "Themes/" + sTheme + "/";
                }
                if (Sql.IsEmptyString(sDateFormat))
                {
                    Session["USER_SETTINGS/DATEFORMAT"] = SplendidDefaults.DateFormat();
                }
                // 11/12/2005 Paul.  "m" is not valid for .NET month formatting.  Must use MM.
                // 11/12/2005 Paul.  Require 4 digit year.  Otherwise default date in Pipeline of 12/31/2100 would get converted to 12/31/00.
                if (SplendidDefaults.IsValidDateFormat(sDateFormat))
                {
                    Session["USER_SETTINGS/DATEFORMAT"] = SplendidDefaults.DateFormat(sDateFormat);
                }
                if (Sql.IsEmptyString(sTimeFormat))
                {
                    Session["USER_SETTINGS/TIMEFORMAT"] = SplendidDefaults.TimeFormat();
                }
                if (Sql.IsEmptyString(sCurrencyID))
                {
                    Session["USER_SETTINGS/CURRENCY"] = SplendidDefaults.CurrencyID();
                }
                if (Sql.IsEmptyString(sTimeZone))
                {
                    Session["USER_SETTINGS/TIMEZONE"] = SplendidDefaults.TimeZone();
                }

                // 05/09/2006 Paul.  Use defaults when necessary.
                string sGROUP_SEPARATOR   = Sql.ToString(Session["USER_SETTINGS/GROUP_SEPARATOR"]);
                string sDECIMAL_SEPARATOR = Sql.ToString(Session["USER_SETTINGS/DECIMAL_SEPARATOR"]);
                if (Sql.IsEmptyString(sGROUP_SEPARATOR))
                {
                    Session["USER_SETTINGS/GROUP_SEPARATOR"] = SplendidDefaults.GroupSeparator();
                }
                if (Sql.IsEmptyString(sDECIMAL_SEPARATOR))
                {
                    Session["USER_SETTINGS/DECIMAL_SEPARATOR"] = SplendidDefaults.DecimalSeparator();
                }
            }
        }
コード例 #6
0
        public static void InitApp()
        {
            try
            {
                HttpApplicationState Application = HttpContext.Current.Application;
                if (Application.Count == 0)
                {
                    SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "Application start.");
                }
                else
                {
                    SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), "Application restart.");
                }

                // 11/14/2005 Paul.  Force the reload of the provider and connection strings.
                // Application.Remove("SplendidProvider");
                // 11/28/2005 Paul.  Use Clear() to clear all application variables.
                DataTable dtSystemErrors = Application["SystemErrors"] as DataTable;
                Application.Clear();
                // 11/28/2005 Paul.  Save and restore the system errors table.
                Application["SystemErrors"] = dtSystemErrors;
                InitAppURLs();

                // 11/28/2005 Paul.  Clear all cache variables as well.
                foreach (DictionaryEntry oKey in HttpContext.Current.Cache)
                {
                    string sKey = oKey.Key.ToString();
                    HttpContext.Current.Cache.Remove(sKey);
                }
                // 06/03/2006 Paul.  Clear the cached data that is stored in the Session object.
                if (HttpContext.Current.Session != null)
                {
                    Hashtable hashSessionKeys = new Hashtable();
                    foreach (string sKey in HttpContext.Current.Session.Keys)
                    {
                        hashSessionKeys.Add(sKey, null);
                    }
                    // 06/03/2006 Paul.  We can't remove a key when it is used in the enumerator.
                    foreach (string sKey in hashSessionKeys.Keys)
                    {
                        if (sKey.StartsWith("vwSHORTCUTS_Menu_ByUser") || sKey.StartsWith("vwMODULES_TabMenu_ByUser"))
                        {
                            HttpContext.Current.Session.Remove(sKey);
                        }
                    }
                }

                DbProviderFactory dbf = DbProviderFactories.GetFactory();
                using (IDbConnection con = dbf.CreateConnection())
                {
                    // 07/28/2006 Paul.  Test the database connection and allow an early exit if failed.
                    con.Open();
                }

                // 01/12/2006 Paul.  Separate out the terminology so that it can be called when importing a language pack.
                InitTerminology();

                using (IDbConnection con = dbf.CreateConnection())
                {
                    con.Open();
                    string sSQL;
                    sSQL = "select NAME    " + ControlChars.CrLf
                           + "     , VALUE   " + ControlChars.CrLf
                           + "  from vwCONFIG" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                Application["CONFIG." + Sql.ToString(rdr["NAME"])] = Sql.ToString(rdr["VALUE"]);
                            }
                        }
                    }
                    sSQL = "select *          " + ControlChars.CrLf
                           + "  from vwTIMEZONES" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                TimeZone oTimeZone = new TimeZone
                                                         (Sql.ToGuid(rdr["ID"])
                                                         , Sql.ToString(rdr["NAME"])
                                                         , Sql.ToString(rdr["STANDARD_NAME"])
                                                         , Sql.ToString(rdr["STANDARD_ABBREVIATION"])
                                                         , Sql.ToString(rdr["DAYLIGHT_NAME"])
                                                         , Sql.ToString(rdr["DAYLIGHT_ABBREVIATION"])
                                                         , Sql.ToInteger(rdr["BIAS"])
                                                         , Sql.ToInteger(rdr["STANDARD_BIAS"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_BIAS"])
                                                         , Sql.ToInteger(rdr["STANDARD_YEAR"])
                                                         , Sql.ToInteger(rdr["STANDARD_MONTH"])
                                                         , Sql.ToInteger(rdr["STANDARD_WEEK"])
                                                         , Sql.ToInteger(rdr["STANDARD_DAYOFWEEK"])
                                                         , Sql.ToInteger(rdr["STANDARD_HOUR"])
                                                         , Sql.ToInteger(rdr["STANDARD_MINUTE"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_YEAR"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_MONTH"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_WEEK"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_DAYOFWEEK"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_HOUR"])
                                                         , Sql.ToInteger(rdr["DAYLIGHT_MINUTE"])
                                                         , Sql.ToBoolean(Application["CONFIG.GMT_Storage"])
                                                         );
                                Application["TIMEZONE." + oTimeZone.ID.ToString()] = oTimeZone;
                            }
                        }
                    }
                    sSQL = "select *           " + ControlChars.CrLf
                           + "  from vwCURRENCIES" + ControlChars.CrLf;
                    using (IDbCommand cmd = con.CreateCommand())
                    {
                        cmd.CommandText = sSQL;
                        using (IDataReader rdr = cmd.ExecuteReader())
                        {
                            while (rdr.Read())
                            {
                                Currency C10n = new Currency
                                                    (Sql.ToGuid(rdr["ID"])
                                                    , Sql.ToString(rdr["NAME"])
                                                    , Sql.ToString(rdr["SYMBOL"])
                                                    , Sql.ToFloat(rdr["CONVERSION_RATE"])
                                                    );
                                Application["CURRENCY." + C10n.ID.ToString()] = C10n;
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex.Message);
                //HttpContext.Current.Response.Write(ex.Message);
            }
        }