public IActionResult MainEntityDataFetch(EntityDataFetchModel model) { try { List <JQDTFriendlyColumnInfo> columnsForFrontEnd = new List <JQDTFriendlyColumnInfo>(); DataTable dt = _businessLayer.GetTableCriteriaData(model, ref columnsForFrontEnd); string orderByCol = model.orderBy; int sortColIndex = 0; if (!string.IsNullOrEmpty(model.orderBy)) { sortColIndex = dt.Columns[orderByCol].Ordinal; } return(Json(new { recordsFiltered = dt.Rows.Count, recordsTotal = dt.Rows.Count, data = dt.JQDTFriendlyTableData(), columns = columnsForFrontEnd, sortColIndex = sortColIndex, ascDesc = model.ascDesc.ToLower() })); } catch (Exception ex) { return(Json(new { error = ex.Message })); } }
public DataTable GetTableCriteriaData(EntityDataFetchModel model, ref List <JQDTFriendlyColumnInfo> columnsForFrontEnd) { // columnsForFrontEnd is filled by refernce //columns = dt.JQDTFriendlyColumnList(); //List<ColumnInfo> cols = GetColumns(table); string sql = _dataAccess.BuildBasicSql("*", model.table, model.criteria, model.orderBy, model.ascDesc, model.topN); if (sql.Replace('\t', ' ').Replace('\r', ' ').Replace('\n', ' ').ToLower().Occurance(" from ") > 1) { throw new Exception("Invalid SQL"); // poor man's sql injection prevention } return(EntitySqlToDtForFrontEnd(model.table, sql, ref columnsForFrontEnd)); }