public object SetUserMenus(object[] objParam) { String strUserID = objParam[0].ToString(); String strItemType = objParam[2].ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { //delete groups which will possibly be repeated later string strDel = "delete from USERMENUS where USERID = '" + strUserID + "' and MENUID in (select MENUID from MENUTABLE where ITEMTYPE='" + strItemType + "')"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = strDel; cmd.ExecuteNonQuery(); //add new groups if (objParam[1] != null && objParam[1].ToString() != "") { string[] MenuID = ((string)objParam[1]).Split(';'); for (int i = 0; i < MenuID.Length; i++) if (MenuID[i].ToString() != "" && strUserID != "") { string strInsert = "insert into USERMENUS (USERID, MENUID) values ('" + strUserID + "', '" + MenuID[i].ToString() + "')"; //为了区分不同的数据库 by Rei InfoCommand InsertCmd = new InfoCommand(ClientInfo); InsertCmd.Connection = nwindConn; InsertCmd.CommandText = strInsert; InsertCmd.ExecuteNonQuery(); } } return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object DeleteUserMenuControls(object[] objParam) { String strMenuID = objParam[0].ToString(); String strUserID = objParam[1].ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "DELETE FROM USERMENUCONTROL WHERE MENUID='" + strMenuID + "' AND USERID='" + strUserID + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object DelUser(object[] objParam) { string str = (String)objParam[0]; string[] id = str.Split(';'); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "delete from USERMENUCONTROL where USERID = '" + id[0] + "' and MENUID = '" + id[1] + "' and CONTROLNAME = '" + id[2] + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object UpdateRoleAgent(object[] objParam) { String roleID = (String)objParam[0]; String[] roles = objParam[1].ToString().Split(new String[] { "!" }, StringSplitOptions.RemoveEmptyEntries); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); InfoCommand cmd = new InfoCommand(ClientInfo); try { String strSql = "DELETE FROM SYS_ROLES_AGENT WHERE ROLE_ID='" + roleID + "'"; cmd.Transaction = nwindConn.BeginTransaction(); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); for (int i = 0; i < roles.Length; i++) { if (roles[i].EndsWith(",")) roles[i] = roles[i].Remove(roles[i].LastIndexOf(",")); strSql = "INSERT INTO SYS_ROLES_AGENT (ROLE_ID, AGENT, FLOW_DESC, START_DATE, START_TIME, END_DATE, END_TIME, PAR_AGENT, REMARK) " + "VALUES ('" + roleID + "', " + roles[i] + ")"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); } cmd.Transaction.Commit(); return new object[] { 0 }; } catch (Exception ex) { cmd.Transaction.Rollback(); return new object[] { 0, ex.Message }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object UpdateWorkFlow(object[] objParam) { if (IsWorkFlowTransactionEnabled && GetWorkFlowTransaction(GetClientInfo(ClientInfoType.LoginDB).ToString()) != null) { IDbConnection nwindConn = AllocateWorkFlowConnection(GetClientInfo(ClientInfoType.LoginDB).ToString()); try { string sql = (string)objParam[0]; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = sql; //set work flow transaction cmd.Transaction = GetWorkFlowTransaction(GetClientInfo(ClientInfoType.LoginDB).ToString()); // try { cmd.ExecuteNonQuery(); return new object[] { 0, null }; } catch (Exception e) { return new object[] { 1, e.Message }; } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } } else { string dbname = GetSplitSysDBSD(GetClientInfo(ClientInfoType.LoginDB).ToString()); if (WorkFlowTransmitterPropagationToken != null) { using (System.Transactions.TransactionScope ts = new System.Transactions.TransactionScope(System.Transactions.TransactionInterop.GetTransactionFromTransmitterPropagationToken(WorkFlowTransmitterPropagationToken))) { using (IDbConnection nwindConn = DbConnectionSet.GetDbConn(dbname, DeveloperID).CreateConnection()) { if (nwindConn.State != ConnectionState.Open) { nwindConn.Open(); } string sql = (string)objParam[0]; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = sql; try { var dbHelper = DbHelperFactory.CreateDbHelper(); if (dbHelper != null) { dbHelper.ExecuteNonQuery(cmd); } else { cmd.ExecuteNonQuery(); } ts.Complete(); return new object[] { 0, null }; } catch (Exception e) { return new object[] { 1, e.Message }; } } } } else { using (IDbConnection nwindConn = DbConnectionSet.GetDbConn(dbname, DeveloperID).CreateConnection()) { if (nwindConn.State != ConnectionState.Open) { nwindConn.Open(); } string sql = (string)objParam[0]; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = sql; try { var dbHelper = DbHelperFactory.CreateDbHelper(); if (dbHelper != null) { dbHelper.ExecuteNonQuery(cmd); } else { cmd.ExecuteNonQuery(); } return new object[] { 0, null }; } catch (Exception e) { return new object[] { 1, e.Message }; } } } } }
public object UpdateADUsers(object[] objParam) { String[] strAdUsers = objParam[0].ToString().Split(new String[] { ";" }, StringSplitOptions.RemoveEmptyEntries); object[] myRet = (object[])GetADUsers(null); ArrayList alADUsers = myRet[1] as ArrayList; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false); try { foreach (String strADUser in strAdUsers) { foreach (ADUser user in alADUsers) { if (strADUser == user.ID) { InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "DELETE FROM USERS WHERE USERID=@USERID"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "@USERID"; idpUSERID.Value = user.ID; cmd.Parameters.Add(idpUSERID); } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "DELETE FROM USERS WHERE USERID=?"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "?"; idpUSERID.Value = user.ID; cmd.Parameters.Add(idpUSERID); } else if (ct == ClientType.ctOracle) { cmd.CommandText = "DELETE FROM USERS WHERE USERID=:USERID"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = ":USERID"; idpUSERID.Value = user.ID; cmd.Parameters.Add(idpUSERID); } cmd.ExecuteNonQuery(); cmd.Parameters.Clear(); if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " + "VALUES (@USERID, @USERNAME, @DESCRIPTION, 'S', @EMAIL, 'Y', @CREATEDATE)"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "@USERID"; idpUSERID.Value = user.ID; IDbDataParameter idpUSERNAME = cmd.CreateParameter(); idpUSERNAME.ParameterName = "@USERNAME"; idpUSERNAME.Value = user.Name; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = "@DESCRIPTION"; idpDESCRIPTION.Value = user.Description; IDbDataParameter idpEMAIL = cmd.CreateParameter(); idpEMAIL.ParameterName = "@EMAIL"; idpEMAIL.Value = user.Email; IDbDataParameter idpCREATEDATE = cmd.CreateParameter(); idpCREATEDATE.ParameterName = "@CREATEDATE"; idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd"); cmd.Parameters.Add(idpUSERID); cmd.Parameters.Add(idpUSERNAME); cmd.Parameters.Add(idpDESCRIPTION); cmd.Parameters.Add(idpEMAIL); cmd.Parameters.Add(idpCREATEDATE); } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " + "VALUES (?, ?, ?, 'S', ?, 'Y', ?)"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "?"; idpUSERID.Value = user.ID; IDbDataParameter idpUSERNAME = cmd.CreateParameter(); idpUSERNAME.ParameterName = "?"; idpUSERNAME.Value = user.Name; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = "?"; idpDESCRIPTION.Value = user.Description; IDbDataParameter idpEMAIL = cmd.CreateParameter(); idpEMAIL.ParameterName = "?"; idpEMAIL.Value = user.Email; IDbDataParameter idpCREATEDATE = cmd.CreateParameter(); idpCREATEDATE.ParameterName = "?"; idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd"); cmd.Parameters.Add(idpUSERID); cmd.Parameters.Add(idpUSERNAME); cmd.Parameters.Add(idpDESCRIPTION); cmd.Parameters.Add(idpEMAIL); cmd.Parameters.Add(idpCREATEDATE); } else if (ct == ClientType.ctOracle) { cmd.CommandText = "INSERT INTO USERS (USERID, USERNAME, DESCRIPTION, AUTOLOGIN, EMAIL, MSAD, CREATEDATE) " + "VALUES (:USERID, :USERNAME, :DESCRIPTION, 'S', :EMAIL, 'Y', :CREATEDATE)"; IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = ":USERID"; idpUSERID.Value = user.ID; IDbDataParameter idpUSERNAME = cmd.CreateParameter(); idpUSERNAME.ParameterName = ":USERNAME"; idpUSERNAME.Value = user.Name; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = ":DESCRIPTION"; idpDESCRIPTION.Value = user.Description; IDbDataParameter idpEMAIL = cmd.CreateParameter(); idpEMAIL.ParameterName = ":EMAIL"; idpEMAIL.Value = user.Email; IDbDataParameter idpCREATEDATE = cmd.CreateParameter(); idpCREATEDATE.ParameterName = ":CREATEDATE"; idpCREATEDATE.Value = DateTime.Today.ToString("yyyyMMdd"); cmd.Parameters.Add(idpUSERID); cmd.Parameters.Add(idpUSERNAME); cmd.Parameters.Add(idpDESCRIPTION); cmd.Parameters.Add(idpEMAIL); cmd.Parameters.Add(idpCREATEDATE); } cmd.ExecuteNonQuery(); break; } } } return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false); } }
public object UpdateMenuTable(object[] objParam) { string[] itemType = ((String)objParam[0]).Split(';'); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "update MENUTABLE set ITEMTYPE = '" + itemType[1] + "' where ITEMTYPE = '" + itemType[0] + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
//这个方法效率太低 public object InsertToMenu(object[] objParam) { for (int i = 0; i < objParam.Length; i++) { string Menu = (String)objParam[i]; if (Menu == ";;" || Menu == "" || Menu == null) continue; string[] Insert = Menu.Split(';'); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "insert into MENUTABLECONTROL (MENUID, CONTROLNAME , DESCRIPTION, TYPE) values ('" + Insert[0] + "', '" + Insert[1] + "', '" + Insert[2] + "', '" + Insert[3] + "')"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } } return new object[] { 0 }; }
public object LogError(object[] objParam) { #region Build the command and exec the command to log error ClientType ct = ClientType.ctNone; IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sQL = String.Empty; //为了区分不同的数据库 by Rei InfoCommand command = new InfoCommand(ClientInfo); command.Connection = conn; DbParameter paramUserId = null; DbParameter paramMoudleName = null; DbParameter paramErrMessage = null; DbParameter paramErrStack = null; DbParameter paramErrDescrip = null; DbParameter paramErrDate = null; DbParameter paramErrScreen = null; DbParameter paramStatus = null; if (conn is OleDbConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(?, ?, ?, ?, ?, ?, ?, ?)"; paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20); paramMoudleName = new OleDbParameter("@ModuleName", OleDbType.VarChar, 30); paramErrMessage = new OleDbParameter("@ErrMessage", OleDbType.VarChar, 300); paramErrStack = new OleDbParameter("@ErrStack", OleDbType.VarChar, 5000); paramErrDescrip = new OleDbParameter("@ErrDescrip", OleDbType.VarChar, 300); paramErrDate = new OleDbParameter("@ErrDate", OleDbType.Date); paramErrScreen = new OleDbParameter("@ErrScreen", OleDbType.Binary); paramStatus = new OleDbParameter("@Status", OleDbType.VarChar, 2); } else if (conn is OdbcConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)"; paramUserId = new OdbcParameter("@UserId", OdbcType.VarChar, 20); paramMoudleName = new OdbcParameter("@ModuleName", OdbcType.VarChar, 30); paramErrMessage = new OdbcParameter("@ErrMessage", OdbcType.VarChar, 300); paramErrStack = new OdbcParameter("@ErrStack", OdbcType.VarChar, 5000); paramErrDescrip = new OdbcParameter("@ErrDescrip", OdbcType.VarChar, 300); paramErrDate = new OdbcParameter("@ErrDate", OdbcType.Date); paramErrScreen = new OdbcParameter("@ErrScreen", OdbcType.Binary); paramStatus = new OdbcParameter("@Status", OdbcType.VarChar, 2); } else if (conn is OracleConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(:UserId, :ModuleName, :ErrMessage, :ErrStack, :ErrDescrip, :ErrDate, :ErrScreen, :Status)"; paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20); paramMoudleName = new OracleParameter(":ModuleName", OracleType.VarChar, 30); paramErrMessage = new OracleParameter(":ErrMessage", OracleType.VarChar, 300); paramErrStack = new OracleParameter(":ErrStack", OracleType.VarChar, 5000); paramErrDescrip = new OracleParameter(":ErrDescrip", OracleType.VarChar, 300); paramErrDate = new OracleParameter(":ErrDate", OracleType.DateTime); paramErrScreen = new OracleParameter(":ErrScreen", OracleType.Blob, (objParam[6] as byte[]).Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, objParam[6]); paramStatus = new OracleParameter(":Status", OracleType.VarChar, 2); } else if (conn is SqlConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(@UserId, @ModuleName, @ErrMessage, @ErrStack, @ErrDescrip, @ErrDate, @ErrScreen, @Status)"; paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20); paramMoudleName = new SqlParameter("@ModuleName", SqlDbType.VarChar, 30); paramErrMessage = new SqlParameter("@ErrMessage", SqlDbType.VarChar, 300); paramErrStack = new SqlParameter("@ErrStack", SqlDbType.VarChar, 5000); paramErrDescrip = new SqlParameter("@ErrDescrip", SqlDbType.VarChar, 300); paramErrDate = new SqlParameter("@ErrDate", SqlDbType.DateTime); paramErrScreen = new SqlParameter("@ErrScreen", SqlDbType.Binary); paramStatus = new SqlParameter("@Status", SqlDbType.VarChar, 2); } #if MySql else if (conn is MySqlConnection) { paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20); paramMoudleName = new MySqlParameter("@ModuleName", MySqlDbType.VarChar, 30); paramErrMessage = new MySqlParameter("@ErrMessage", MySqlDbType.VarChar, 300); paramErrStack = new MySqlParameter("@ErrStack", MySqlDbType.VarChar, 5000); paramErrDescrip = new MySqlParameter("@ErrDescrip", MySqlDbType.VarChar, 300); paramErrDate = new MySqlParameter("@ErrDate", MySqlDbType.Datetime); paramErrScreen = new MySqlParameter("@ErrScreen", MySqlDbType.Binary); paramStatus = new MySqlParameter("@Status", MySqlDbType.VarChar, 2); } #endif #if Informix else if (conn is IBM.Data.Informix.IfxConnection) { sQL = "insert into SYSERRLOG(USERID, MODULENAME, ERRMESSAGE, ERRSTACK, ERRDESCRIP, ERRDATE, ERRSCREEN, STATUS)" + "values(?, ?, ?, ?, ?, ?, ?, ?)"; paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20); paramMoudleName = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 30); paramErrMessage = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300); paramErrStack = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Text, 5000); paramErrDescrip = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 300); paramErrDate = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.DateTime); paramErrScreen = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob); paramStatus = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 2); } #endif command.CommandText = sQL; paramUserId.Value = (objParam[0] == null ? "" : objParam[0]); paramMoudleName.Value = (objParam[1] == null ? "" : objParam[1]); ; paramErrMessage.Value = (objParam[2] == null ? "" : objParam[2]); ; paramErrStack.Value = (objParam[3] == null ? "" : objParam[3]); ; paramErrDescrip.Value = (objParam[4] == null ? "" : objParam[4]); ; paramErrDate.Value = (objParam[5] == null ? DateTime.Now : objParam[5]); ; paramErrScreen.Value = (objParam[6] == null ? "" : objParam[6]); ; paramStatus.Value = (objParam[7] == null ? "" : objParam[7]); ; command.Parameters.Add(paramUserId); command.Parameters.Add(paramMoudleName); command.Parameters.Add(paramErrMessage); command.Parameters.Add(paramErrStack); command.Parameters.Add(paramErrDescrip); command.Parameters.Add(paramErrDate); command.Parameters.Add(paramErrScreen); command.Parameters.Add(paramStatus); Int32 i = command.ExecuteNonQuery(); if (i != 1) { return new object[] { 1 }; } else { return new object[] { 0 }; } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true); } #endregion }
public object[] AnyQuerySave(object[] param) { String userID = GetClientInfo(ClientInfoType.LoginUser).ToString(); String queryID = param[0].ToString(); String templateID = param[1].ToString(); String xmlText = param[2].ToString(); String tableName = param[3].ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sql = "DELETE FROM SYS_ANYQUERY WHERE USERID='" + userID + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + templateID + "'"; InfoCommand myCommand = new InfoCommand(ClientInfo); myCommand.Connection = nwindConn; myCommand.CommandText = sql; myCommand.ExecuteNonQuery(); String dt = DateTime.Now.ToShortDateString() + " " + DateTime.Now.Hour + ":" + DateTime.Now.Minute + ":" + DateTime.Now.Second; if (ct == ClientType.ctMsSql) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)"; SqlParameter paramContent = new SqlParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.SqlDbType = SqlDbType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctOracle) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', to_date('" + dt + "', 'yyyy/mm/dd hh24:mi:ss'), :CONTENT)"; OracleParameter paramContent = new OracleParameter(); paramContent.ParameterName = ":CONTENT"; paramContent.OracleType = OracleType.Blob; byte[] byteArray = System.Text.Encoding.Default.GetBytes(xmlText); paramContent.Value = byteArray; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctODBC) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; OdbcParameter paramContent = new OdbcParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.OdbcType = OdbcType.NText; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } else if (ct == ClientType.ctOleDB) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; OleDbParameter paramContent = new OleDbParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.OleDbType = OleDbType.Binary; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #if MySQL else if (ct == ClientType.ctMySql) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', @CONTENT)"; SqlParameter paramContent = new SqlParameter(); paramContent.ParameterName = "@CONTENT"; paramContent.SqlDbType = SqlDbType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #endif #if Informix else if (ct == ClientType.ctInformix) { sql = "INSERT INTO SYS_ANYQUERY (QUERYID, USERID, TEMPLATEID, TABLENAME, LASTDATE, CONTENT) VALUES ('" + queryID + "', '" + userID + "', '" + templateID + "', '" + tableName + "', '" + dt + "', ?)"; IBM.Data.Informix.IfxParameter paramContent = new IBM.Data.Informix.IfxParameter(); paramContent.ParameterName = "?"; paramContent.IfxType = IBM.Data.Informix.IfxType.Text; paramContent.Value = xmlText; myCommand.CommandText = sql; myCommand.Parameters.Add(paramContent); } #endif myCommand.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object InsertToGroup(object[] objParam) { string Group = (String)objParam[0]; string[] insert = Group.Split(';'); if (insert[0] == null || insert[0] == "") return new object[] { 0 }; else { ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "insert into GROUPMENUCONTROL (GROUPID, MENUID, CONTROLNAME, TYPE, ENABLED, VISIBLE, ALLOWADD, ALLOWUPDATE, ALLOWDELETE, ALLOWPRINT)" + " values ( '" + insert[0] + "', '" + insert[1] + "', '" + insert[2] + "', '" + insert[3] + "', '" + insert[4] + "', '" + insert[5] + "', '" + insert[6] + "', '" + insert[7] + "', '" + insert[8] + "', '" + insert[9] + "')"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } } }
public object[] GetMessage(object[] objParams) { string sNow = FormatDateTime(DateTime.Now); string sLoginUser = GetClientInfo(ClientInfoType.LoginUser).ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { //为了区分不同的数据库 by Rei InfoCommand myCommand = new InfoCommand(ClientInfo); myCommand.Connection = nwindConn; string strSql = ""; strSql = string.Format("select * from SYS_MESSENGER where STATUS = 'S' and USERID = '{0}'", sLoginUser); myCommand.CommandText = strSql; IDataAdapter adpater = DBUtils.CreateDbDataAdapter(myCommand); DataSet dsMessage = new DataSet(); DataTable dt = new DataTable("Message"); (adpater as DbDataAdapter).Fill(dt); dsMessage.Tables.Add(dt); strSql = string.Format("Update SYS_MESSENGER SET STATUS = 'R' where STATUS = 'S' and USERID = '{0}'", sLoginUser); myCommand.CommandText = strSql; myCommand.ExecuteNonQuery(); return new object[] { 0, dsMessage }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object GetFavorMenuID(object[] objParam) { String userID = objParam[0].ToString(); String itemType = objParam[1].ToString(); ArrayList menuID = objParam[2] as ArrayList; ArrayList caption = objParam[3] as ArrayList; String groupName = objParam[4].ToString(); ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; String group = ""; if (groupName == "") { if (nwindConn is SqlConnection) { group = "GROUPNAME='" + group + "'"; } else if (nwindConn is OracleConnection) { group = "GROUPNAME is null"; } else if (nwindConn is OdbcConnection) { group = "GROUPNAME='" + group + "'"; } else if (nwindConn is OleDbConnection) { group = "GROUPNAME='" + group + "'"; } else if (nwindConn.GetType().Name == "MySqlConnection") { group = "GROUPNAME='" + group + "'"; } else if (nwindConn.GetType().Name == "IfxConnection") { group = "GROUPNAME='" + group + "'"; } } else { group = "GROUPNAME='" + groupName + "'"; } String strSql = "delete MENUFAVOR where USERID='" + userID + "' and ITEMTYPE='" + itemType + "' AND " + group; cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); for (int i = 0; i < menuID.Count; i++) { strSql = "insert into MENUFAVOR (MENUID, CAPTION, USERID, ITEMTYPE, GROUPNAME) values ('" + menuID[i] + "', '" + caption[i] + "', '" + userID + "', '" + itemType + "', '" + groupName + "')"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); } return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object[] AnyQueryDeleteFile(object[] param) { ClientType ct = ClientType.ctMsSql; String queryID = param[0].ToString(); String fileName = param[1].ToString(); String userid = GetClientInfo(ClientInfoType.LoginUser).ToString(); IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sql = "DELETE from SYS_ANYQUERY where USERID = '" + userid + "' AND QUERYID='" + queryID + "' AND TEMPLATEID='" + fileName + "'"; InfoCommand myCommand = new InfoCommand(ClientInfo); myCommand.Connection = nwindConn; myCommand.CommandText = sql; myCommand.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object SetUsers(object[] objParam) { string strMenuID = (String)objParam[0]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { ArrayList GroupID = (ArrayList)objParam[1]; //delete groups which will possibly be repeated later string strDel = "delete from USERMENUS where MENUID = '" + strMenuID + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = strDel; cmd.ExecuteNonQuery(); //modify by lily 2011/5/26 刪除聯動的MenuControl的table內容 string lst = ""; for (int i = 0; i < GroupID.Count; i++) { lst = lst + "','" + GroupID[i].ToString(); } if (lst.Length > 3) { strDel = "delete from USERMENUCONTROL where MENUID='" + strMenuID + "' and USERID not in ('" + lst + "')"; } cmd.CommandText = strDel; cmd.ExecuteNonQuery(); //add new groups for (int i = 0; i < GroupID.Count; i++) { string strInsert = "insert into USERMENUS (USERID, MENUID) values ('" + GroupID[i].ToString() + "', '" + strMenuID + "')"; //为了区分不同的数据库 by Rei InfoCommand InsertCmd = new InfoCommand(ClientInfo); InsertCmd.Connection = nwindConn; InsertCmd.CommandText = strInsert; InsertCmd.ExecuteNonQuery(); } return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object OPMenu(object[] objParam) { string strMenuID = (String)objParam[0]; string strCaption = (String)objParam[1]; string strParent = (String)objParam[2]; string strModuleType = (String)objParam[3]; string strPackage = (String)objParam[4]; string strItemParam = (String)objParam[5]; string strForm = (String)objParam[6]; string strItemType = (String)objParam[7]; string strSEQ_NO = (String)objParam[8]; string strImageUrl = (String)objParam[11]; string captionlanguage = (String)objParam[12]; Srvtools.MGControl.OpType optype = (Srvtools.MGControl.OpType)objParam[9]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = ""; string strBlob = ""; if (nwindConn is SqlConnection) strBlob = "update MENUTABLE set [IMAGE] = @icon where MENUID = '" + strMenuID + "'"; else if (nwindConn is OracleConnection) strBlob = "update MENUTABLE set IMAGE = :icon where MENUID = '" + strMenuID + "'"; else if (nwindConn is OdbcConnection) strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; else if (nwindConn is OleDbConnection) strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strBlob = "update MENUTABLE set IMAGE = @icon where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strBlob = "update MENUTABLE set IMAGE = ? where MENUID = '" + strMenuID + "'"; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; if (optype == Srvtools.MGControl.OpType.add) { if (nwindConn is SqlConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values (@MENUID, @CAPTION" + captionlanguage + ", @PARENT, @MODULETYPE, @PACKAGE, @ITEMPARAM, @FORM, @ITEMTYPE, @SEQ_NO, @IMAGEURL)"; else if (nwindConn is OracleConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values (:MENUID, :CAPTION" + captionlanguage + ", :PARENT, :MODULETYPE, :PACKAGE, :ITEMPARAM, :FORM, :ITEMTYPE, :SEQ_NO, :IMAGEURL)"; else if (nwindConn is OdbcConnection) strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn is OleDbConnection) //strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + // "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + // "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn.GetType().Name == "MySqlConnection") strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM,IMAGE, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', " + "0x0" + ", '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; else if (nwindConn.GetType().Name == "IfxConnection") strSql = "insert into MENUTABLE (MENUID, CAPTION" + captionlanguage + ", PARENT, MODULETYPE, PACKAGE, ITEMPARAM, FORM, ITEMTYPE, SEQ_NO, IMAGEURL) " + "values ('" + strMenuID + "', '" + strCaption + "', '" + strParent + "', '" + strModuleType + "', '" + strPackage + "', '" + strItemParam + "', '" + strForm + "', '" + strItemType + "', '" + strSEQ_NO + "', '" + strImageUrl + "')"; if (nwindConn is SqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID)); cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'")); cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OdbcParameter("?", strMenuID)); cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new OdbcParameter("?", strParent)); cmd.Parameters.Add(new OdbcParameter("?", strModuleType)); cmd.Parameters.Add(new OdbcParameter("?", strPackage)); cmd.Parameters.Add(new OdbcParameter("?", strItemParam)); cmd.Parameters.Add(new OdbcParameter("?", strForm)); cmd.Parameters.Add(new OdbcParameter("?", "'0'")); cmd.Parameters.Add(new OdbcParameter("?", strItemType)); cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO)); cmd.Parameters.Add(new OdbcParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OleDbConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID)); //cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption)); //cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent)); //cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType)); //cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage)); //cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam)); //cmd.Parameters.Add(new OleDbParameter("@FORM", strForm)); //cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'")); //cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType)); //cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO)); //cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption)); cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent)); cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType)); cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage)); cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam)); cmd.Parameters.Add(new MySqlParameter("@FORM", strForm)); cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType)); cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO)); cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'")); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } #endif } else if (optype == Srvtools.MGControl.OpType.modify) { if (nwindConn is SqlConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = @CAPTION" + captionlanguage + ", PARENT = @PARENT, MODULETYPE = @MODULETYPE" + ", PACKAGE = @PACKAGE, ITEMPARAM = @ITEMPARAM, FORM = @FORM, ITEMTYPE = @ITEMTYPE, SEQ_NO = @SEQ_NO, IMAGEURL = @IMAGEURL where MENUID = '" + strMenuID + "'"; else if (nwindConn is OracleConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = :CAPTION" + captionlanguage + ", PARENT = :PARENT, MODULETYPE = :MODULETYPE" + ", PACKAGE = :PACKAGE, ITEMPARAM = :ITEMPARAM, FORM = :FORM, ITEMTYPE = :ITEMTYPE, SEQ_NO = :SEQ_NO, IMAGEURL = :IMAGEURL where MENUID = '" + strMenuID + "'"; else if (nwindConn is OdbcConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn is OleDbConnection) strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = N'" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strSql = "update MENUTABLE set CAPTION" + captionlanguage + " = '" + strCaption + "', PARENT = '" + strParent + "', MODULETYPE = '" + strModuleType + "', PACKAGE = '" + strPackage + "', ITEMPARAM = '" + strItemParam + "', FORM = '" + strForm + "', ITEMTYPE = '" + strItemType + "', SEQ_NO = '" + strSEQ_NO + "',IMAGEURL = '" + strImageUrl + "' where MENUID = '" + strMenuID + "'"; if (nwindConn is SqlConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new SqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new SqlParameter("@CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new SqlParameter("@PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new SqlParameter("@MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new SqlParameter("@PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new SqlParameter("@ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new SqlParameter("@FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new SqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new SqlParameter("@ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new SqlParameter("@SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new SqlParameter("@IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OracleParameter(":MENUID", strMenuID)); cmd.Parameters.Add(new OracleParameter(":CAPTION" + captionlanguage, strCaption == null ? String.Empty : strCaption)); cmd.Parameters.Add(new OracleParameter(":PARENT", strParent == null ? String.Empty : strParent)); cmd.Parameters.Add(new OracleParameter(":MODULETYPE", strModuleType == null ? String.Empty : strModuleType)); cmd.Parameters.Add(new OracleParameter(":PACKAGE", strPackage == null ? String.Empty : strPackage)); cmd.Parameters.Add(new OracleParameter(":ITEMPARAM", strItemParam == null ? String.Empty : strItemParam)); cmd.Parameters.Add(new OracleParameter(":FORM", strForm == null ? String.Empty : strForm)); //cmd.Parameters.Add(new OracleParameter(":IMAGE", "'0'")); cmd.Parameters.Add(new OracleParameter(":ITEMTYPE", strItemType == null ? String.Empty : strItemType)); cmd.Parameters.Add(new OracleParameter(":SEQ_NO", strSEQ_NO == null ? String.Empty : strSEQ_NO)); cmd.Parameters.Add(new OracleParameter(":IMAGEURL", strImageUrl == null ? String.Empty : strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new OdbcParameter("?", strMenuID)); cmd.Parameters.Add(new OdbcParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new OdbcParameter("?", strParent)); cmd.Parameters.Add(new OdbcParameter("?", strModuleType)); cmd.Parameters.Add(new OdbcParameter("?", strPackage)); cmd.Parameters.Add(new OdbcParameter("?", strItemParam)); cmd.Parameters.Add(new OdbcParameter("?", strForm)); cmd.Parameters.Add(new OdbcParameter("?", "'0'")); cmd.Parameters.Add(new OdbcParameter("?", strItemType)); cmd.Parameters.Add(new OdbcParameter("?", strSEQ_NO)); cmd.Parameters.Add(new OdbcParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } else if (nwindConn is OleDbConnection) { cmd.CommandText = strSql; //cmd.Parameters.Add(new OleDbParameter("@MENUID", strMenuID)); //cmd.Parameters.Add(new OleDbParameter("@CAPTION" + captionlanguage, strCaption)); //cmd.Parameters.Add(new OleDbParameter("@PARENT", strParent)); //cmd.Parameters.Add(new OleDbParameter("@MODULETYPE", strModuleType)); //cmd.Parameters.Add(new OleDbParameter("@PACKAGE", strPackage)); //cmd.Parameters.Add(new OleDbParameter("@ITEMPARAM", strItemParam)); //cmd.Parameters.Add(new OleDbParameter("@FORM", strForm)); //cmd.Parameters.Add(new OleDbParameter("@IMAGE", "'0'")); //cmd.Parameters.Add(new OleDbParameter("@ITEMTYPE", strItemType)); //cmd.Parameters.Add(new OleDbParameter("@SEQ_NO", strSEQ_NO)); //cmd.Parameters.Add(new OleDbParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new MySqlParameter("@MENUID", strMenuID)); cmd.Parameters.Add(new MySqlParameter("@CAPTION" + captionlanguage, strCaption)); cmd.Parameters.Add(new MySqlParameter("@PARENT", strParent)); cmd.Parameters.Add(new MySqlParameter("@MODULETYPE", strModuleType)); cmd.Parameters.Add(new MySqlParameter("@PACKAGE", strPackage)); cmd.Parameters.Add(new MySqlParameter("@ITEMPARAM", strItemParam)); cmd.Parameters.Add(new MySqlParameter("@FORM", strForm)); cmd.Parameters.Add(new MySqlParameter("@IMAGE", "'0'")); cmd.Parameters.Add(new MySqlParameter("@ITEMTYPE", strItemType)); cmd.Parameters.Add(new MySqlParameter("@SEQ_NO", strSEQ_NO)); cmd.Parameters.Add(new MySqlParameter("@IMAGEURL", strImageUrl)); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { cmd.CommandText = strSql; cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strMenuID)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?" + captionlanguage, strCaption)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strParent)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strModuleType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strPackage)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemParam)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strForm)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", "'0'")); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strItemType)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strSEQ_NO)); cmd.Parameters.Add(new IBM.Data.Informix.IfxParameter("?", strImageUrl)); cmd.ExecuteNonQuery(); } #endif } else { strSql = "delete from MENUTABLE where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from USERMENUS where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from GROUPMENUS where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from MENUTABLECONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from USERMENUCONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); strSql = "delete from GROUPMENUCONTROL where MENUID = '" + strMenuID + "'"; cmd.CommandText = strSql; cmd.ExecuteNonQuery(); } if (optype != Srvtools.MGControl.OpType.delete && objParam[10] != null) { byte[] blob = (byte[])objParam[10]; if (nwindConn is SqlConnection) { SqlParameter param = new SqlParameter("@icon", SqlDbType.VarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } else if (nwindConn is OracleConnection) { OracleParameter param = new OracleParameter(":icon", OracleType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } else if (nwindConn is OdbcConnection) { OdbcParameter param = new OdbcParameter("?", OdbcType.VarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); try { cmd.ExecuteNonQuery(); } catch (Exception e) { string str = e.Message; } } else if (nwindConn is OleDbConnection) { OleDbParameter param = new OleDbParameter("@icon", OleDbType.LongVarBinary, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } #if MySql else if (nwindConn is MySqlConnection) { MySqlParameter param = new MySqlParameter("@icon", MySqlDbType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); cmd.ExecuteNonQuery(); } #endif #if Informix else if (nwindConn is IBM.Data.Informix.IfxConnection) { IBM.Data.Informix.IfxParameter param = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.Blob, blob.Length, ParameterDirection.Input, false, 0, 0, null, DataRowVersion.Current, blob); cmd.CommandText = strBlob; cmd.Parameters.Add(param); try { cmd.ExecuteNonQuery(); } catch (Exception e) { string str = e.Message; } } #endif } return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object UpdateADGroups(object[] objParam) { String[] strAdGroups = objParam[0].ToString().Split(new String[] { ";" }, StringSplitOptions.RemoveEmptyEntries); object[] myRet = (object[])GetADUserForGroup(null); ArrayList alADGroups = myRet[1] as ArrayList; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false); try { foreach (String strADGroup in strAdGroups) { foreach (ADGroup group in alADGroups) { if (strADGroup == group.ID) { InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=@GROUPNAME"; IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = "@GROUPNAME"; idpGROUPNAME.Value = group.ID; cmd.Parameters.Add(idpGROUPNAME); } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=?"; IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = "?"; idpGROUPNAME.Value = group.ID; cmd.Parameters.Add(idpGROUPNAME); } else if (ct == ClientType.ctOracle) { cmd.CommandText = "DELETE FROM GROUPS WHERE GROUPNAME=:GROUPNAME"; IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = ":GROUPNAME"; idpGROUPNAME.Value = group.ID; cmd.Parameters.Add(idpGROUPNAME); } cmd.ExecuteNonQuery(); cmd.Parameters.Clear(); if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " + "VALUES (@GROUPID, @GROUPNAME, @DESCRIPTION, 'Y')"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = "@GROUPID"; idpGROUPID.Value = "ad" + GetGroupID().ToString("000"); IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = "@GROUPNAME"; idpGROUPNAME.Value = group.ID; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = "@DESCRIPTION"; idpDESCRIPTION.Value = group.Description; cmd.Parameters.Add(idpGROUPID); cmd.Parameters.Add(idpGROUPNAME); cmd.Parameters.Add(idpDESCRIPTION); } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " + "VALUES (?, ?, ?, 'Y')"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = "?"; idpGROUPID.Value = "ad" + GetGroupID().ToString("000"); IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = "?"; idpGROUPNAME.Value = group.ID; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = "?"; idpDESCRIPTION.Value = group.Description; cmd.Parameters.Add(idpGROUPID); cmd.Parameters.Add(idpGROUPNAME); cmd.Parameters.Add(idpDESCRIPTION); } else if (ct == ClientType.ctOracle) { cmd.CommandText = "INSERT INTO GROUPS (GROUPID, GROUPNAME, DESCRIPTION, MSAD) " + "VALUES (:GROUPID, :GROUPNAME, :DESCRIPTION, 'Y')"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = ":GROUPID"; idpGROUPID.Value = "ad" + GetGroupID().ToString("000"); IDbDataParameter idpGROUPNAME = cmd.CreateParameter(); idpGROUPNAME.ParameterName = ":GROUPNAME"; idpGROUPNAME.Value = group.ID; IDbDataParameter idpDESCRIPTION = cmd.CreateParameter(); idpDESCRIPTION.ParameterName = ":DESCRIPTION"; idpDESCRIPTION.Value = group.Description; cmd.Parameters.Add(idpGROUPID); cmd.Parameters.Add(idpGROUPNAME); cmd.Parameters.Add(idpDESCRIPTION); } cmd.ExecuteNonQuery(); foreach (String user in group.Users) { cmd.Parameters.Clear(); if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=@GROUPID AND USERID=@USERID"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = "@GROUPID"; idpGROUPID.Value = group.ID; cmd.Parameters.Add(idpGROUPID); IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "@USERID"; idpUSERID.Value = user; cmd.Parameters.Add(idpUSERID); } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=? AND USERID=?"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = "?"; idpGROUPID.Value = group.ID; cmd.Parameters.Add(idpGROUPID); IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = "?"; idpUSERID.Value = user; cmd.Parameters.Add(idpUSERID); } else if (ct == ClientType.ctOracle) { cmd.CommandText = "DELETE FROM USERGROUPS WHERE GROUPID=:GROUPID AND USERID=:USERID"; IDbDataParameter idpGROUPID = cmd.CreateParameter(); idpGROUPID.ParameterName = ":GROUPID"; idpGROUPID.Value = group.ID; cmd.Parameters.Add(idpGROUPID); IDbDataParameter idpUSERID = cmd.CreateParameter(); idpUSERID.ParameterName = ":USERID"; idpUSERID.Value = user; cmd.Parameters.Add(idpUSERID); } cmd.ExecuteNonQuery(); if (ct == ClientType.ctMsSql || ct == ClientType.ctMySql) { cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " + "VALUES (@GROUPID, @USERID)"; } else if (ct == ClientType.ctOleDB || ct == ClientType.ctSybase || ct == ClientType.ctODBC || ct == ClientType.ctInformix) { cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " + "VALUES (?, ?)"; } else if (ct == ClientType.ctOracle) { cmd.CommandText = "INSERT INTO USERGROUPS (GROUPID, USERID) " + "VALUES (:GROUPID, :USERID)"; } cmd.ExecuteNonQuery(); } break; } } } return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false); } }
//ILogin不用 public object[] ChangePassword(object[] objParam) { string XMLParams = objParam[0].ToString(); string[] ss = XMLParams.Split(":".ToCharArray()); string sUserId = ss[0]; //MD5 md5 = new MD5CryptoServiceProvider(); //byte[] pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[1])); //byte[] result = md5.ComputeHash(pwdBytes); //string sOldPwd = BitConverter.ToString(result); //pwdBytes = md5.ComputeHash(Encoding.ASCII.GetBytes(ss[2])); //result = md5.ComputeHash(pwdBytes); //string sNewPwd = BitConverter.ToString(result); if (ss[1].Length > 10 || ss[2].Length > 10) { return new object[] { 0, "E" }; } char[] p = new char[] { }; bool q; if (ss[1] != "") q = Encrypt.EncryptPassword(sUserId, ss[1], 10, ref p, false); string sOldPwd = new string(p); p = new char[] { }; if (ss[2] != "") q = Encrypt.EncryptPassword(sUserId, ss[2], 10, ref p, false); string sNewPwd = new string(p); #region Build the command and exec the command to log error ClientType ct = ClientType.ctNone; IDbConnection conn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { String sQL = ""; //为了区分不同的数据库 by Rei InfoCommand command = new InfoCommand(ClientInfo); if (conn.GetType().ToString() == "System.Data.SqlClient.SqlConnection") { if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd"; else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().ToString() == "System.Data.OracleClient.OracleConnection") { if (ss[1] != "") sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and PWD = :OldPwd"; else sQL = "update USERS set PWD = :NewPwd where USERID = :UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().ToString() == "System.Data.Odbc.OdbcConnection") { if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?"; else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)"; //if (ss[1] != "") sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = $OldPwd"; //else sQL = "update USERS set PWD = $NewPwd where USERID = $UserId and PWD = ''"; } else if (conn.GetType().ToString() == "System.Data.OleDb.OleDbConnection") { if (ss[1] != "") sQL = "update USERS set PWD = ? where USERID = ? and PWD = ?"; else sQL = "update USERS set PWD = ? where USERID = ? and (PWD = '' or PWD is null)"; } else if (conn.GetType().Name == "MySqlConnection") { if (ss[1] != "") sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and PWD = @OldPwd"; else sQL = "update USERS set PWD = @NewPwd where USERID = @UserId and (PWD = '' or PWD is null)"; } else if (conn.GetType().Name == "IfxConnection") { if (ss[1] != "") sQL = "update USERS set PWD =? where USERID =? and PWD =?"; else sQL = "update USERS set PWD =? where USERID =? and (PWD = '' or PWD is null)"; } command.CommandText = sQL; command.Connection = conn; DbParameter paramNewPwd = null; DbParameter paramUserId = null; DbParameter paramOldPwd = null; if (conn is OleDbConnection) { paramNewPwd = new OleDbParameter("@NewPwd", OleDbType.VarChar, 10); paramUserId = new OleDbParameter("@UserId", OleDbType.VarChar, 20); paramOldPwd = new OleDbParameter("@OldPwd", OleDbType.VarChar, 10); } else if (conn is OdbcConnection) { paramNewPwd = new OdbcParameter("?", OdbcType.NVarChar, 10); paramUserId = new OdbcParameter("?", OdbcType.VarChar, 20); paramOldPwd = new OdbcParameter("?", OdbcType.NVarChar, 10); } else if (conn is OracleConnection) { paramNewPwd = new OracleParameter(":NewPwd", OracleType.NVarChar, 10); paramUserId = new OracleParameter(":UserId", OracleType.VarChar, 20); paramOldPwd = new OracleParameter(":OldPwd", OracleType.NVarChar, 10); } else if (conn is SqlConnection) { paramNewPwd = new SqlParameter("@NewPwd", SqlDbType.VarChar, 10); paramUserId = new SqlParameter("@UserId", SqlDbType.VarChar, 20); paramOldPwd = new SqlParameter("@OldPwd", SqlDbType.VarChar, 10); } #if MySql else if (conn is MySqlConnection) { paramNewPwd = new MySqlParameter("@NewPwd", MySqlDbType.VarChar, 10); paramUserId = new MySqlParameter("@UserId", MySqlDbType.VarChar, 20); paramOldPwd = new MySqlParameter("@OldPwd", MySqlDbType.VarChar, 10); } #endif #if Informix else if (conn is IBM.Data.Informix.IfxConnection) { paramNewPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10); paramUserId = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 20); paramOldPwd = new IBM.Data.Informix.IfxParameter("?", IBM.Data.Informix.IfxType.VarChar, 10); } #endif paramNewPwd.Value = sNewPwd; paramUserId.Value = sUserId; paramOldPwd.Value = sOldPwd; if (!(conn is OdbcConnection)) { command.Parameters.Add(paramNewPwd); command.Parameters.Add(paramUserId); if (ss[1] != "") command.Parameters.Add(paramOldPwd); } Int32 i = command.ExecuteNonQuery(); if (i != 1) { return new object[] { 0, "E" }; //By Lily 表示没有找到该User,可能是UserID错误,或者原始密码错误。 } else { //验证密码有效期 by rei command.Parameters.Clear(); command.CommandText = "UPDATE USERS SET LASTDATE='" + DateTime.Today.Year.ToString() + DateTime.Today.Month.ToString("00") + DateTime.Today.Day.ToString("00") + "' WHERE USERID='" + sUserId + "'"; command.ExecuteNonQuery(); return new object[] { 0, "O" }; //找到该User,并更新好新密码。 } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conn, true); } #endregion }
public object UpdateMenu(object[] objParam) { for (int i = 0; i < objParam.Length; i++) { string Group = (String)objParam[i]; if (Group == null) continue; string[] insert = Group.Split(';'); if (insert[0] == null || insert[0] == "") return new object[] { 0 }; else { ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "update MENUTABLECONTROL set DESCRIPTION = '" + insert[2] + "' where MENUID = '" + insert[0] + "' and CONTROLNAME = '" + insert[1] + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } } } return new object[] { 0 }; }
public object[] PackageRollback(object[] objParam) { string projectname = ((string)objParam[0]); string filename = ((string)objParam[1]); string dt = ((string)objParam[2]); PackageType ptype = ((PackageType)objParam[3]); string packagetype = ""; switch (ptype) { case PackageType.Client: packagetype = "C"; break; case PackageType.Server: packagetype = "S"; break; case PackageType.WebClient: packagetype = "W"; break; } ClientType ct = ClientType.ctMsSql; //IDbConnection nwindConn = AllocateConnection(GetSystemDBName(), ref ct, false); //menuchecklog用sysDB里的 IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); //取登陆后的DBAlias ——by Rei try { string strsql = ""; if (nwindConn is SqlConnection) strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND [FILENAME] ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE >'" + dt + "'"; else if (nwindConn is OdbcConnection) strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S')"; else if (nwindConn is OracleConnection) strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + dt + "', 'yyyy-mm-dd hh24:mi:ss')"; else if (nwindConn is OleDbConnection) strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE >'" + dt + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > '" + dt + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strsql = "DELETE FROM MENUCHECKLOG WHERE ITEMTYPE ='" + projectname + "' AND FILENAME ='" + filename + "' AND FILETYPE='" + packagetype + "' AND PACKAGEDATE > to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S')"; InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = strsql; cmd.ExecuteNonQuery(); string strBlob = ""; if (nwindConn is SqlConnection) strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE [FILENAME] = '" + filename + "' AND PACKAGEDATE = '" + dt + "' AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; else if (nwindConn is OdbcConnection) strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S') " + " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; else if (nwindConn is OracleConnection) strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + dt + "', 'yyyy-mm-dd hh24:mi:ss')" + " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; else if (nwindConn is OleDbConnection) strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = '" + dt + "' AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; else if (nwindConn.GetType().Name == "MySqlConnection") strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = '" + dt + "'" + " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; else if (nwindConn.GetType().Name == "IfxConnection") strBlob = "SELECT FILECONTENT, FILEDATE FROM MENUCHECKLOG WHERE FILENAME = '" + filename + "' AND PACKAGEDATE = to_date('" + String.Format("{0:yyyyMMddHHmmss}", Convert.ToDateTime(dt)) + "', '%Y%m%d%H%M%S') " + " AND ITEMTYPE ='" + projectname + "' AND FILETYPE='" + packagetype + "'"; cmd.CommandText = strBlob; IDataReader idr = cmd.ExecuteReader(); idr.Read(); try { byte[] blob = new byte[idr.GetBytes(0, 0, null, 0, int.MaxValue)]; idr.GetBytes(0, 0, blob, 0, blob.Length); DateTime dtfile = new DateTime(); try { dtfile = (DateTime)idr.GetValue(1); //找到记录 } catch { dtfile = DateTime.MinValue; } cmd.Cancel(); idr.Close(); PackageService ps = new PackageService(); ps.Upload(filename, projectname, ptype, blob, dtfile); return new object[] { 0, 0 }; } catch (Exception e) { return new object[] { 0, 1, e.Message }; } } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object UpdateNodes(object[] objParam) { string strMenuID = (String)objParam[0]; string strParent = (String)objParam[1]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql; if (strParent != null) { strSql = "update MENUTABLE set PARENT = '" + strParent + "' where MENUID = '" + strMenuID + "'"; } else { strSql = "update MENUTABLE set PARENT = null where MENUID = '" + strMenuID + "'"; } //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object[] SavePersonalSettings(object[] objParam) { ClientType ct = ClientType.ctMsSql; IDbConnection conncetion = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); string formName = (string)objParam[0]; string compName = (string)objParam[1]; string userId = (string)objParam[2]; string remark = (string)objParam[3]; string propContent = (string)objParam[4]; string sql = string.Format("SELECT COUNT(*) FROM SYS_PERSONAL WHERE FORMNAME='{0}' AND COMPNAME='{1}' AND USERID='{2}'", formName, compName, userId); InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = conncetion; cmd.CommandText = sql; try { int count = (int)cmd.ExecuteScalar(); if (count > 0) { sql = string.Format("UPDATE SYS_PERSONAL SET REMARK='{0}',PROPCONTENT='{1}',CREATEDATE='{2}' WHERE FORMNAME='{3}' AND COMPNAME='{4}' AND USERID='{5}'", remark, propContent, DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss"), formName, compName, userId); } else { sql = string.Format("INSERT INTO SYS_PERSONAL (FORMNAME,COMPNAME,USERID,REMARK,PROPCONTENT,CREATEDATE) VALUES ('{0}','{1}','{2}','{3}','{4}','{5}')", formName, compName, userId, remark, propContent, DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss")); } cmd.CommandText = sql; cmd.ExecuteNonQuery(); return new object[] { 0 }; } catch (Exception e) { return new object[] { 1, e.Message }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), conncetion, true); } }
public object UpdateUser(object[] objParam) { string User = (String)objParam[0]; string[] insert = User.Split(';'); if (insert[0] == null || insert[0] == "") return new object[] { 0 }; else { ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { string strSql = "update USERMENUCONTROL set ENABLED = '" + insert[4] + "', VISIBLE = '" + insert[5] + "', ALLOWADD = '" + insert[6] + "', ALLOWUPDATE = '" + insert[7] + "', ALLOWDELETE = '" + insert[8] + "', ALLOWPRINT = '" + insert[9] + "' where USERID = '" + insert[0] + "' and MENUID = '" + insert[1] + "' and CONTROLNAME = '" + insert[2] + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; cmd.ExecuteNonQuery(); return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } } }
public object[] SendMessage(object[] objParams) { bool bGroup = (bool)objParams[0]; string sUser = (string)objParams[1]; string sMsg = (string)objParams[2]; string sParams = (string)objParams[3]; string sNow = FormatDateTime(DateTime.Now); string sLoginUser = GetClientInfo(ClientInfoType.LoginUser).ToString(); string status = "S"; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { //为了区分不同的数据库 by Rei InfoCommand myCommand = new InfoCommand(ClientInfo); myCommand.Connection = nwindConn; string strSql = ""; ArrayList arrUsers = new ArrayList(); if (bGroup) { strSql = string.Format("select distinct USERID from USERGROUPS where GROUPID = '{0}'", sUser); myCommand.CommandText = strSql; IDataReader aReader = myCommand.ExecuteReader(); try { bool b = aReader.Read(); while (b) { arrUsers.Add(aReader.GetString(0)); b = aReader.Read(); } } finally { aReader.Close(); } } else { arrUsers.Add(sUser); } for (int i = 0; i < arrUsers.Count; i++) { strSql = string.Format("insert into SYS_MESSENGER (USERID, MESSAGE, PARAS, SENDTIME, SENDERID, STATUS) values('{0}', '{1}', '{2}', '{3}', '{4}', '{5}')", (string)arrUsers[i], sMsg, sParams, sNow, sLoginUser, status); myCommand.CommandText = strSql; myCommand.ExecuteNonQuery(); } return new object[] { 0 }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
public object DeleteDDColumns(object[] objParam) { string tabName = (String)objParam[0]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, false); try { string strSql = "delete from COLDEF where TABLE_NAME = '" + tabName + "'"; //IDbTransaction it = nwindConn.BeginTransaction(); //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.CommandText = strSql; cmd.Connection = nwindConn; //cmd.Transaction = it; cmd.ExecuteNonQuery(); //it.Commit(); return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, false); } }
//ILogin 不用 public object SetUserGroups(object[] objParam) { string strGroupID = (String)objParam[0]; ClientType ct = ClientType.ctMsSql; IDbConnection nwindConn = AllocateConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), ref ct, true); try { //delete groups which will possibly be repeated later string strDel = "delete from USERGROUPS where GROUPID = '" + strGroupID + "'"; //为了区分不同的数据库 by Rei InfoCommand cmd = new InfoCommand(ClientInfo); cmd.Connection = nwindConn; cmd.CommandText = strDel; cmd.ExecuteNonQuery(); //add new groups if (objParam[1] != null && objParam[1].ToString() != "") { string[] UserID = ((string)objParam[1]).Split(';'); for (int i = 0; i < UserID.Length; i++) if (UserID[i].ToString() != "" && strGroupID != "") { string strInsert = "insert into USERGROUPS (USERID, GROUPID) values ('" + UserID[i].ToString() + "', '" + strGroupID + "')"; //为了区分不同的数据库 by Rei InfoCommand InsertCmd = new InfoCommand(ClientInfo); InsertCmd.Connection = nwindConn; InsertCmd.CommandText = strInsert; InsertCmd.ExecuteNonQuery(); } } return new object[] { 0, null }; } finally { ReleaseConnection(GetClientInfo(ClientInfoType.LoginDB).ToString(), nwindConn, true); } }
private void SetDataToSYS_REFVAL(String tableName, String displayMember, String valueMember, String selectAlias, String selectCommand) { InfoCommand aInfoCommand = new InfoCommand(FClientData.DatabaseType); aInfoCommand.Connection = InternalConnection; aInfoCommand.CommandText = String.Format("DELETE FROM SYS_REFVAL WHERE REFVAL_NO='{0}'", "SL." + tableName); if (InternalConnection.State != ConnectionState.Open) InternalConnection.Open(); aInfoCommand.ExecuteNonQuery(); aInfoCommand.CommandText = String.Format("INSERT INTO SYS_REFVAL (REFVAL_NO,TABLE_NAME,DISPLAY_MEMBER,SELECT_ALIAS,SELECT_COMMAND,VALUE_MEMBER) VALUES('{0}','{1}','{2}','{3}','{4}','{5}')", "SL." + tableName, tableName, displayMember, selectAlias, selectCommand, valueMember); aInfoCommand.ExecuteNonQuery(); }
private void btnOK_Click(object sender, EventArgs e) { string DBName = this.cmbDB.Text; string DBString = this.cmbDB.SelectedValue.ToString(); string DBType = ""; string itemType = ""; foreach (DataRow dr in table.Rows) { if (dr["DBName"].ToString() == DBName) { DBType = dr["DBType"].ToString(); break; } } IDbConnection connection = AllocateConnection(DBType, DBString); InfoCommand cmd = new InfoCommand(); string strSql = "select * from MENUITEMTYPE"; cmd.CommandText = strSql; cmd.Connection = connection; connection.Open(); IDataReader dreader = cmd.ExecuteReader(); bool bItemTypeExisted = false; while (dreader.Read()) { if (dreader["ITEMNAME"].ToString() == this.itemName) { bItemTypeExisted = true; itemType = dreader["ITEMTYPE"].ToString(); } } dreader.Close(); if (!bItemTypeExisted) { //Solution原本不存在,新建一个Solution strSql = "insert into MENUITEMTYPE (ITEMTYPE, ITEMNAME) values ('" + this.itemName + "', '" + this.itemName + "')"; cmd.CommandText = strSql; cmd.Connection = connection; cmd.ExecuteNonQuery(); itemType = this.itemName; } foreach (string menu in this.menuList) { strSql = "select count(*) from MENUTABLE where PACKAGE = '" + menu + "' and MODULETYPE = 'S' and ITEMTYPE = '" + itemType + "'"; cmd.CommandText = strSql; cmd.Connection = connection; int count = (int)cmd.ExecuteScalar(); if (count == 0) { strSql = "insert into MENUTABLE (MENUID, CAPTION, PACKAGE, MODULETYPE, ITEMTYPE) " + "values ('" + menu + "id', '" + menu + "', '" + menu + "', 'S', '" + itemType + "')"; cmd.CommandText = strSql; cmd.Connection = connection; cmd.ExecuteNonQuery(); } } this.Close(); }