public ActionResult UpdSysInfo(Models.TaskOfUpdate FormCols) { /*欄位Validation*/ if (ModelState.IsValid == false) { return(View(FormCols)); } /*初始化宣告*/ App_Code.clsUtility objUtil = null; string SqlCmd = ""; try { /*OWASP檢查*/ OWASP_Verify(FormCols.SysName); OWASP_Verify(FormCols.GrpName); /*參數透過AntiXss編碼*/ FormCols.SysCode = Convert.ToInt16(AntiXssEncoder.HtmlEncode(FormCols.SysCode.ToString(), true)); FormCols.SysName = AntiXssEncoder.HtmlEncode(FormCols.SysName, true); FormCols.GrpName = AntiXssEncoder.HtmlEncode(FormCols.GrpName, true); objUtil = new App_Code.clsUtility(); using (var SqlConn = new SqlConnection(objUtil.ConnStrDecrypt(ConfigurationManager.ConnectionStrings["TGWLogs"].ConnectionString))) { SqlCmd = "UPDATE SYSTEM_LIST SET " + "varSYS_DESC = @SysName," + "varOWN_GRP = @GrpName," + "dtMODIFY_DATE = GETDATE() " + "WHERE intSYS_CODE = @SysCode"; var SqlParams = new { @SysCode = FormCols.SysCode, @SysName = Server.HtmlDecode(FormCols.SysName), @GrpName = Server.HtmlDecode(FormCols.GrpName) }; SqlConn.Execute(SqlCmd, SqlParams); } TempData["ExeRst"] = "【" + Server.HtmlDecode(FormCols.SysName) + "】更新成功"; return(RedirectToAction("SysList", "TGW", new { PageIdx = 1, SystemName = FormCols.SysName })); } catch (Exception ex) { return(RedirectToAction("Exception", "TGW", new { @MsgCont = ex.Message })); } finally { objUtil = null; } }
public ActionResult UpdSysInfo(int SCode = 0, string SName = "", string GName = "") { try { /*OWASP檢查*/ OWASP_Verify(SCode.ToString()); OWASP_Verify(SName); OWASP_Verify(GName); /*參數透過AntiXss編碼*/ SCode = Convert.ToInt16(AntiXssEncoder.HtmlEncode(SCode.ToString(), true)); SName = AntiXssEncoder.HtmlEncode(SName, true); GName = AntiXssEncoder.HtmlEncode(GName, true); var ColCollect = new Models.TaskOfUpdate { SysCode = SCode, SysName = Server.HtmlDecode(SName), GrpName = Server.HtmlDecode(GName) }; return(View(ColCollect)); } catch (Exception ex) { return(RedirectToAction("Exception", "TGW", new { @MsgCont = ex.Message })); } }