/// <summary>
/// Validates the simple-query form for the requested report: resolves the report's base SQL,
/// lets <c>SimpleSqlInjectMethod</c> append the form-driven predicate, and runs a count query
/// to confirm at least one row matches. On success the SQL text produced by
/// <c>GetSimpleSql(report)</c> is stored in <c>Session["SqlValue"]</c> for later use.
/// </summary>
/// <returns>
/// <c>Content("ok")</c> when rows match; <c>Content("no")</c> when the report has no SQL or the
/// count is zero; <c>Content("error")</c> when building or running the count query throws.
/// </returns>
public ActionResult SimpleQuery()
{
    string report = Request.Form["report"];
    CommondController commond = new CommondController(_db);

    string baseSql = commond.GetSqlValue(report, isFillter: false); /*TODO: isFillter:false SimpleQuery*/
    if (baseSql.IsEmpty())
    {
        return Content("no");
    }

    string[] formKeys = Request.Form.AllKeys;
    MYSQLInit builder = new MYSQLInit();
    try
    {
        SimpleSqlInjectMethod(builder, baseSql, formKeys);
        int matched = commond.GetCount(baseSql + builder.GetCurrentSQL(), builder.GetCurrentPara());
        if (matched == 0)
        {
            return Content("no");
        }
    }
    catch (Exception ex)
    {
        // Any failure while building or running the count query is logged and reported as "error".
        BugLog.Write(ex.ToString());
        return Content("error");
    }

    // NOTE(review): the count above ran the parameterised SQL assembled in `builder`, but the text
    // kept for later use comes from GetSimpleSql(report) — a separate code path. Confirm that path
    // does not concatenate form values into the SQL string.
    Session["SqlValue"] = GetSimpleSql(report);
    return Content("ok");
}
/// <summary>
/// Shows the identity-card, licence and store photos recorded for one <c>etao_authentic</c> row.
/// </summary>
/// <param name="Id">The <c>authenticId</c> to look up; when null or empty the bare view is returned.</param>
/// <returns>
/// The view bound to the matching <see cref="ETaoPhoto"/> model, or bound to <c>null</c> when no row matches.
/// </returns>
public ActionResult ETaoPhoto(string Id /*= "040427cf-0cb9-4ef2-8379-5b63df38e98a"*/)
{
    if (string.IsNullOrEmpty(Id))
    {
        return View();
    }

    MYSQLInit query = new MYSQLInit();
    query.Append("select idCardImg1 as 'F_idCard',idCardImg2 as 'B_idCard' ,license as 'License' , storeImg1 as 'Store_1', storeImg2 as 'Store_2' ,storeImg3 as 'Store_3' ,`name` ,phone,authenticId from etao_authentic");
    // Id is handed to the builder's Where() and the query runs through GetDataTableWithParam,
    // which presumably binds it as a parameter rather than splicing it into the SQL — confirm in MYSQLInit.
    query.Where("authenticId =", Id);

    CommondController commond = new CommondController(_db);
    DataTable rows = commond.GetDataTableWithParam(query.GetCurrentSQL(), query.GetCurrentPara());
    ETaoPhoto first = rows.ConvertTo<ETaoPhoto>().FirstOrDefault();
    return View(first);
}
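/// <summary>
/// Form type names whose fields carry a comparison-operator selector (<c>&lt;field&gt;selectname</c>)
/// in addition to a value. Membership is exact, replacing the earlier substring match against one
/// concatenated string, which also accepted fragments such as "System.Int" or an empty type name.
/// </summary>
private static readonly HashSet<string> NumericTypeNames = new HashSet<string>(StringComparer.Ordinal)
{
    "System.Int16", "System.Int32", "System.Int64", "System.UInt64",
    "System.Decimal", "System.Single", "System.Double", "System.SByte",
};

/// <summary>
/// Advanced query: re-runs the whole query with every submitted condition (important).
/// Reads the parallel <c>ziduan</c> (field names) and <c>leixing</c> (type names) lists from the
/// form, builds one <see cref="FormValue"/> per field, confirms via a count query that at least one
/// row matches, and stores the resulting SQL text in <c>Session["SqlValue"]</c>.
/// </summary>
/// <returns>
/// <c>Content("ok")</c> when rows match; <c>Content("no")</c> when the report has no SQL or the count
/// is zero; <c>Content("error")</c> when the field/type lists are missing or mismatched, or when
/// building or running the count query throws.
/// </returns>
public ActionResult AdvancedQuery()
{
    string report = Request.Form["report"];
    string fieldList = Request.Form["ziduan"];
    string typeList = Request.Form["leixing"];
    if (fieldList == null || typeList == null)
    {
        BugLog.Write("AdvancedQuery: missing ziduan or leixing form field");
        return Content("error");
    }

    string[] fieldNames = fieldList.Split(',');
    string[] fieldTypes = typeList.Split(',');
    if (fieldTypes.Length < fieldNames.Length)
    {
        // The two lists are indexed in parallel; a shorter type list would otherwise throw IndexOutOfRange.
        BugLog.Write("AdvancedQuery: leixing has fewer entries than ziduan");
        return Content("error");
    }

    Dictionary<string, FormValue> conditions = new Dictionary<string, FormValue>();
    for (int i = 0; i < fieldNames.Length; i++)
    {
        string field = fieldNames[i];
        string typeName = fieldTypes[i];
        // A missing form value is treated like an empty one instead of throwing on Trim().
        string rawValue = Request.Form[field] ?? string.Empty;
        bool hasValue = rawValue.Trim() != string.Empty;

        FormValue condition = new FormValue
        {
            name = field,
            DateExit = hasValue,
            value = rawValue
        };

        if (typeName == "System.DateTime")
        {
            // A second field named "<field><field>" carries the upper bound of a date range.
            string upperRaw = Request.Form[field + field] ?? string.Empty;
            condition.SecondData = upperRaw.Trim() != string.Empty;
            if (condition.SecondData)
            {
                // The stored bound is one day later than the posted date — presumably so an
                // exclusive comparison still includes the chosen end date; verify in SqlInjectMethod.
                // DateTime.Parse keeps the current-culture parsing of the original; the accepted
                // date format therefore depends on the server culture.
                condition.maxDataTime = DateTime.Parse(upperRaw).AddDays(1).ToString();
            }
        }
        else if (NumericTypeNames.Contains(typeName))
        {
            // Numeric fields also post a comparison operator under "<field>selectname".
            if (hasValue)
            {
                condition.operatorstr = Request.Form[field + "selectname"];
            }
        }
        // Any other type needs only DateExit, already derived from the value above.

        // Key is type name plus position, so repeated types stay distinct.
        conditions.Add(typeName + i.ToString(), condition);
    }

    CommondController commond = new CommondController(_db);
    string baseSql = commond.GetSqlValue(report, isFillter: false); /*TODO: isFillter:false AdvancedQuery*/
    if (!baseSql.IsNotEmpty())
    {
        return Content("no");
    }

    MYSQLInit builder = new MYSQLInit();
    try
    {
        SqlInjectMethod(baseSql, conditions, builder);
        int matched = commond.GetCount(baseSql + builder.GetCurrentSQL(), builder.GetCurrentPara());
        if (matched == 0)
        {
            return Content("no");
        }
    }
    catch (Exception ex)
    {
        // Same handling as SimpleQuery: log and report "error" instead of surfacing a 500.
        BugLog.Write(ex.ToString());
        return Content("error");
    }

    // NOTE(review): the count above ran the parameterised SQL assembled in `builder`, but the text
    // kept for later use is produced by GetSqlValue(baseSql, conditions, title) — a different
    // builder taking the raw form title. Confirm that path does not concatenate form values into
    // the SQL string.
    Session["SqlValue"] = GetSqlValue(baseSql, conditions, Request.Form["title"]);
    return Content("ok");
}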