public List<CiudadDTO> getCiudad(int idDepartamento = -1)
{
List<CiudadDTO> lstCiudad = new List<CiudadDTO>();
Parametros p = new Parametros();
CiudadDTO itemCiudad;
using (OracleConnection con = new OracleConnection(p.oracleConnString().ToString()))
{
con.Open();
OracleCommand cmd = con.CreateCommand();
cmd.CommandText = (idDepartamento != -1) ? "select IDCIUDAD, IDDEPARTAMENTO, NOMBRECIUDAD from ciudad where IDDEPARTAMENTO =" + idDepartamento.ToString() : "select IDCIUDAD, IDDEPARTAMENTO, NOMBRECIUDAD from ciudad";
using (OracleDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
itemCiudad = new CiudadDTO();
itemCiudad.idCiudad = reader.GetInt32(0);
itemCiudad.idDepartamento = reader.GetInt32(1);
itemCiudad.nombreCiudad = reader.GetValue(2).ToString();
lstCiudad.Add(itemCiudad);
}
}
con.Close();
con.Dispose();
}
return lstCiudad;
}
public List<PaisDTO> getPais()
{
List<PaisDTO> lstPais = new List<PaisDTO>();
Parametros p = new Parametros();
PaisDTO itemPais;
using (OracleConnection con = new OracleConnection(p.oracleConnString().ToString()))
{
con.Open();
OracleCommand cmd = con.CreateCommand();
cmd.CommandText = "select IDPAIS, NOMBREPAIS from pais";
using (OracleDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
itemPais = new PaisDTO();
itemPais.idPais = reader.GetInt32(0);
itemPais.nombrePais = reader.GetString(1);
lstPais.Add(itemPais);
}
}
con.Close();
con.Dispose();
}
return lstPais;
}
public List<DepartamentoDTO> getDepartamento(int idPais = -1)
{
List<DepartamentoDTO> lstDepar = new List<DepartamentoDTO>();
Parametros p = new Parametros();
DepartamentoDTO itemDep;
using (OracleConnection con = new OracleConnection(p.oracleConnString().ToString()))
{
con.Open();
OracleCommand cmd = con.CreateCommand();
cmd.CommandText = (idPais != -1) ? "select IDDEPARTAMENTO, IDPAIS, NOMBREDEPARTAMENTO from departamento where IDPAIS = " + idPais.ToString() : "select IDDEPARTAMENTO, IDPAIS, NOMBREDEPARTAMENTO from departamento";
using (OracleDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
itemDep = new DepartamentoDTO();
itemDep.idDepartamento = reader.GetInt32(0);
itemDep.idPais = reader.GetInt32(1);
itemDep.nombreDepartamento = reader.GetValue(2).ToString();
lstDepar.Add(itemDep);
}
}
con.Close();
con.Dispose();
}
return lstDepar;
}
public Person(
OracleConnection oracleConn,
Func<Owned<PersonLotFixMigrator>> personLotFixMigratorFactory)
{
this.oracleConn = oracleConn;
this.personLotFixMigratorFactory = personLotFixMigratorFactory;
}
private void button1_Click(object sender, EventArgs e)
{
string connectionstring = "User Id=dbi324175;Password=wgSZJnGDZe;Data Source=fhictora01.fhict.local:1521/fhictora;";
string ConString1 = connectionstring;
using (OracleConnection con = new OracleConnection(ConString1))
{
con.Open();
string query = "select id from product where id = 1";
using (OracleCommand cmd = new OracleCommand(query, con))
{
using (OracleDataReader reader = cmd.ExecuteReader())
{
while (reader.Read())
{
button1.Text = reader["ID"].ToString();
}
}
}
}
}
protected void Button1_Click(object sender, EventArgs e)
{
{
string CS = ConfigurationManager.ConnectionStrings["oracle"].ConnectionString;
OracleConnection conn = new OracleConnection(CS);
//string U_ID = Session["U_ID"].ToString();
//string ADD_ID = Session["ADDId"].ToString();
using (OracleCommand cmd = new OracleCommand("insert into APARTMENT (APP_ID,APP_TYPE,APP_SIZE,APP_DATE,PRICE,NO_OF_ROOMS,FEATURE,USER_ID,APP_ADD_ID) values (U_ID_SEQ.NEXTVAL,'" + TextBoxAType.Text + "','" + TextBoxASize.Text + "','" + TextBoxAdate.Text + "','" + TextBoxAprice.Text + "','" + TextBoxAroom.Text + "','" + TextBoxAfeature.Text + "','" + Session["U_ID"].ToString().Trim() + "','" + Session["ADDId"].ToString().Trim() + "')", conn))
{
conn.Open();
//cmd.ExecuteNonQuery();
if (Convert.ToBoolean(cmd.ExecuteNonQuery()))
{
Label1.ForeColor = System.Drawing.Color.Green;
Label1.Text = "Data Saved In The Database";
Response.Redirect("~/Allapartments.aspx");
}
else
{
Label1.ForeColor = System.Drawing.Color.Red;
Label1.Text = "Data Cannot Saved In The Database";
}
}
}
}
private void button2_Click(object sender, EventArgs e)
{
// LotNo.Clear();
// Quantity.Clear();
// Price.Clear();
string _connstring = "Data Source=ORCL;User Id = scott;Password=tiger;";
// decimal _totalRecords;
String name;
try
{
OracleConnection _connObj = new OracleConnection(_connstring);
_connObj.Open();
OracleCommand _cmdObj = _connObj.CreateCommand();
// _cmdObj.CommandText = "SELECT ename from employees where empid = 101";
_cmdObj.CommandText = "SELECT ename from emp";
// _totalRecords = (decimal)_cmdObj.ExecuteScalar();
name = (String)_cmdObj.ExecuteScalar();
MessageBox.Show("Total records:" + name);
textBox1.AppendText("Name: " + name);
_connObj.Close();
_connObj.Dispose();
_connObj = null;
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
/// <summary>
/// 执行数据库查询操作,返回受影响的行数
/// </summary>
/// <param name="cmdText">Oracle存储过程名称或PL/SQL命令</param>
/// <param name="commandParameters">命令参数集合</param>
/// <returns>当前查询操作影响的数据行数</returns>
public static int ExecuteNonQuery(string cmdText, params OracleParameter[] commandParameters)
{
OracleCommand command = new OracleCommand();
OracleConnection connection = new OracleConnection(connstr);
int result = 0;
try
{
PrepareCommand(command, connection, null, CommandType.Text, cmdText, commandParameters);
result = command.ExecuteNonQuery();
command.Parameters.Clear();
}
catch
{
throw;
}
finally
{
command.Dispose();
connection.Close();
connection.Dispose();
}
return result;
}
protected void baglanti_kur()
{
baglanti = new OracleConnection(constring);
baglanti.Open();
komut = new OracleCommand();
komut.Connection = baglanti;
}
static void ExecuteDropCommand(OracleConnection connection, string statement)
{
using (var dropCmd = new OracleCommand(statement, connection))
{
dropCmd.ExecuteNonQuery();
}
}
static void Main(string[] args)
{
try
{
string connstring =
"Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ora-002.cafe24.com)(PORT=1521))" +
"(CONNECT_DATA=(SID=orcl)));User Id=gds;Password=1234;";
using (OracleConnection conn = new OracleConnection(connstring))
{
conn.Open();
Console.WriteLine("접속 성공");
string sql = "select test from testdb";
using (OracleCommand comm = new OracleCommand(sql, conn))
{
using (OracleDataReader rdr = comm.ExecuteReader())
{
while (rdr.Read())
{
Console.WriteLine(rdr.GetString(0));
Console.ReadLine();
}
}
}
}
}
catch
{
Console.WriteLine("접속 실패");
}
}
public void CheckPersonWithIdGreaterThan2AndLessThan4()
{
List<IPerson> persons = table.GetTable().Where(p => p.Id > 2 && p.Id < 4).ToList();
using (OracleConnection conn = new OracleConnection(OracleUtility.ConnectionString))
{
conn.Open();
using (IDataReader dr = conn.GetDataReader("select Id,Name from person where Id > :from_id and Id < :to_id",
new { from_id = 2, to_id = 4 }))
{
int i = 0;
while (dr.Read())
{
Assert.AreEqual(dr.ConvertToInt32("Id"), persons[i].Id);
Assert.AreEqual(dr.ConvertToString("Name"), persons[i].Name);
++i;
}
Assert.AreEqual(persons.Count, i);
}
}
}
protected void Submit_Click(object sender, EventArgs e)
{
bool failed = false;
using (OracleConnection objConn = new OracleConnection(Global.ConnectionString))
{
var insertPersonSeason = new OracleCommand("TICKETS_API.insertPersonSeason", objConn) { BindByName = true, CommandType = CommandType.StoredProcedure };
insertPersonSeason.Parameters.Add("p_SeasonId", OracleDbType.Int32, int.Parse(SeasonDropDown.SelectedValue), ParameterDirection.Input);
insertPersonSeason.Parameters.Add("p_PersonId", OracleDbType.Int32, Global.CurrentPerson.person_id, ParameterDirection.Input);
try
{
objConn.Open();
insertPersonSeason.ExecuteNonQuery();
}
catch (Exception)
{
failed = true;
}
objConn.Close();
}
if (!failed)
Response.Redirect("BuySeasonTickets.aspx?Success=1");
else
{
Error.Text = "Could not buy season ticket, try again later.";
Error.Visible = true;
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Global.CurrentPerson == null)
Response.Redirect("Index.aspx");
DataTable seasonsTable = new DataTable();
List<Season> seasons = new List<Season>();
using (OracleConnection objConn = new OracleConnection(Global.ConnectionString))
{
// Set up the seasons command
var seasonsCommand = new OracleCommand("TICKETS_QUERIES.getSeasonsForPurchase", objConn) { BindByName = true, CommandType = CommandType.StoredProcedure };
seasonsCommand.Parameters.Add("p_Return", OracleDbType.RefCursor, ParameterDirection.ReturnValue);
seasonsCommand.Parameters.Add("p_PersonId", OracleDbType.Int64, Global.CurrentPerson.person_id, ParameterDirection.Input);
try
{
// Execute the queries and auto map the results to models
objConn.Open();
var seasonsAdapter = new OracleDataAdapter(seasonsCommand);
seasonsAdapter.Fill(seasonsTable);
seasons = Mapper.DynamicMap<IDataReader, List<Season>>(seasonsTable.CreateDataReader());
}
catch (Exception)
{
Response.Redirect("Index.aspx");
}
objConn.Close();
}
// Fill list dropdowns with data from the database
if (seasons.Count > 0)
{
var seasonsWithEvents = seasons.GroupBy(s => s.season_id).Select(season => new Season()
{
season_id = season.First().season_id,
name = season.First().name,
price = season.First().price,
ticket_count = season.First().ticket_count,
event_names = seasons.Where(ev => ev.season_id == season.First().season_id).Select(en => en.event_name).ToList()
}).ToList();
SeasonDropDown.DataTextField = "name";
SeasonDropDown.DataValueField = "season_id";
SeasonDropDown.DataSource = seasonsWithEvents;
SeasonDropDown.DataBind();
SeasonListView.DataSource = seasonsWithEvents;
SeasonListView.DataBind();
}
if (Request.QueryString["Success"] != null)
{
Error.Text = "Successfully purchased season ticket!";
Error.Visible = true;
}
}
}
private static void PrintDebug(OracleConnection con)
{
var debug = new Dictionary<string, string>
{
{ "NLS_DATABASE_PARAMETERS", "SELECT parameter, value FROM NLS_DATABASE_PARAMETERS where parameter in ('NLS_LANGUAGE', 'NLS_TERRITORY', 'NLS_CHARACTERSET', 'NLS_NCHAR_CHARACTERSET', 'NLS_RDBMS_VERSION') order by parameter asc"},
{ "V$VERSION", "SELECT banner, ' ' FROM V$VERSION order by banner asc"},
{ "V$PARAMETER", "select name,value from v$parameter where upper(name)=upper('SEC_CASE_SENSITIVE_LOGON')" }
};
foreach (var e in debug)
{
Console.WriteLine("### {0} ###", e.Key);
using (var cmd = con.CreateCommand())
{
cmd.CommandText = e.Value;
cmd.CommandType = CommandType.Text;
using (var reader = cmd.ExecuteReader())
{
while (reader.Read())
{
Console.WriteLine(@"{0,-24} = {1}", reader.GetString(0), reader.GetString(1));
}
}
}
}
}
private void button1_Click(object sender, EventArgs e)
{
string connection = "Data Source=ORCL; User Id=pharmacy; Password=pharmacy";
OracleConnection InsertData = new OracleConnection(connection);
InsertData.Open();
OracleParameter empno = new OracleParameter();
empno.OracleDbType = OracleDbType.Int16;
empno.Value = Quantity.Text;
OracleParameter deptno = new OracleParameter();
deptno.OracleDbType = OracleDbType.Int16;
deptno.Value = Price.Text;
OracleCommand insertEmpno = new OracleCommand();
insertEmpno.Connection = InsertData;
insertEmpno.Parameters.Add(empno);
insertEmpno.CommandText = "select ename from employees where empid = 101";
insertEmpno.CommandType = CommandType.Text;
OracleDataReader DataRead = insertEmpno.ExecuteReader();
DataRead.Read();
while (DataRead.Read())
{
listBox1.Items.Add(DataRead.GetString(1));
}
InsertData.Dispose();
}
private void backgroundWorker1_DoWork(object sender, DoWorkEventArgs e)
{
while (!backgroundWorker1.CancellationPending)
{
try
{
using (var conn = new OracleConnection(textBox1.Text))
{
conn.Open();
using (var cmd = conn.CreateCommand())
{
cmd.CommandText = "SELECT 'OK' FROM DUAL";
var result = (string) cmd.ExecuteScalar();
AppendText(string.Format("{0}: Sql executed OK", DateTime.Now));
}
}
}
catch (Exception ex)
{
//MessageBox.Show(ex.ToString());
AppendText(string.Format("{0}: Error:{1}", DateTime.Now, ex.Message));
}
for (var i = 0; i < 100; i++)
{
Thread.Sleep(30);
if (backgroundWorker1.CancellationPending) return;
}
}
}
//发表评论
public ActionResult AddComment(string content)
{
//假设登录用户为123,需换为session
string loginuser = "******";
//string loginuser = Session["username"] as string
OracleConnection conn = new OracleConnection(oradb);
conn.Open();
string selectStr = "select textcommentid from textcomment";
OracleCommand cmd = new OracleCommand(selectStr, conn);
OracleDataReader dr = cmd.ExecuteReader();
int temp = 0;
while (dr.Read())
{
if (Convert.ToInt32(dr[0]) > temp)
{
temp = Convert.ToInt32(dr[0]);
}
}
temp++;
string addStr = "insert into textcomment(textcommentid, textid, content, textcomment_date, username)values(" + temp + "," + textId + ",'" + content + "','" + DateTime.Now.ToString() + "','" + loginuser + "')";
OracleCommand cmd2 = new OracleCommand(addStr, conn);
int insertedLines = cmd2.ExecuteNonQuery();
conn.Close();
return RedirectToAction("Comment", "Account");
}
protected void Button1_Click(object sender, EventArgs e)
{
try
{
string strConn = "Data Source=orcl;User Id=chatroom;Password=chatroom;Integrated Security=no;";
OracleConnection oleDbConnection = new OracleConnection(strConn);
oleDbConnection.Open();
string strSql;
if (this.name.Text.ToString() == "")
{
strSql = "select * from scott.ChatRoomLog order by id desc";
}
else
{
strSql = "select * from scott.chatroomlog where name='" + this.name.Text.ToString() + "' order by id";
}
System.Data.OracleClient.OracleCommand oleDbCommand = new System.Data.OracleClient.OracleCommand();
oleDbCommand.CommandText = strSql;
oleDbCommand.Connection = oleDbConnection;
System.Data.OracleClient.OracleDataAdapter oleDbDataAdapter = new System.Data.OracleClient.OracleDataAdapter(oleDbCommand);
DataTable table = new DataTable();
oleDbDataAdapter.Fill(table);
oleDbConnection.Close();
this.GridView1.DataSource = table.DefaultView;
this.GridView1.DataBind();
}
catch
{
}
}
protected void Button1_Click(object sender, EventArgs e)
{
string CS = ConfigurationManager.ConnectionStrings["oracle"].ConnectionString;
OracleConnection conn = new OracleConnection(CS);
using (OracleCommand cmd = new OracleCommand("insert into USER_TABLE (USER_ID,U_NAME,U_PASS,FULLNAME,CONTACT,EMAIL,DOB,U_LOCATION) values (U_ID_SEQ.NEXTVAL,'" + TextBox1.Text + "','" + TextBox3.Text + "','" + TextBox7.Text + "','" + TextBox5.Text + "','" + TextBox4.Text + "','" + TextBox6.Text + "','" + TextBox8.Text + "')", conn))
{
//cmd.Parameters.("@U_NAME",TextBox1.Text);
//cmd.Parameters.AddWithValue("@U_PASS",TextBox3.Text);
//cmd.Parameters.AddWithValue("@FULLNAME", TextBox7.Text);
//cmd.Parameters.AddWithValue("@CONTACT",TextBox5.Text);
//cmd.Parameters.AddWithValue("@EMAIL",TextBox4.Text);
//cmd.Parameters.AddWithValue("@DOB",TextBox6.Text);
//cmd.Parameters.AddWithValue("@U_LOCATION",TextBox8.Text);
conn.Open();
cmd.ExecuteNonQuery();
Label1.ForeColor = System.Drawing.Color.Green;
Label1.Text = "Data Saved In The Database";
}
//using(OracleCommand comd = new OracleCommand("select USER_ID from USER_TABLE where U_NAME = '"+TextBox1.Text+"'"))
//{
// string id= comd.ExecuteScalar().ToString();
// Session["Id"] = id;
//}
}
public PersonLotCreator(
OracleConnection oracleConn,
Func<Owned<DisposableTuple<IUnitOfWork, ILotRepository, ICaseTypeRepository, ILotEventDispatcher, UserContext>>> dependencyFactory)
{
this.dependencyFactory = dependencyFactory;
this.oracleConn = oracleConn;
}
/**
Permite eliminar un cliente
*/
public string deleteCustomer(string id)
{
string deleteCustomer = "DELETE FROM CUSTOMERS.CUSTOMER WHERE Id = :Id";
OracleTransaction transaction;
using (OracleConnection connection = new OracleConnection())
{
connection.ConnectionString = ConfigurationManager.ConnectionStrings["customerDb"].ConnectionString;
try
{
connection.Open();
transaction = connection.BeginTransaction();
deleteCustomerAddress(id, connection, transaction);
using (OracleCommand command = new OracleCommand(deleteCustomer, connection))
{
command.Parameters.Add(new OracleParameter("Id", id));
command.ExecuteNonQuery();
transaction.Commit();
}
}
catch (Exception e)
{
throw new PlatformException(e.Message);
}
}
return "OK";
}
/// <summary>
/// Selects and retrieves values from the database
/// </summary>
/// <param name="query">The selection statement</param>
/// <returns>A DataTable with the retrieved values></returns>
public static DataTable RetrieveQuery(string query)
{
if (Regex.IsMatch(query, @"-{2,}"))
{
throw new SQLInjectionException();
}
using (OracleConnection c = new OracleConnection(@connectionstring))
{
try
{
c.Open();
OracleCommand cmd = new OracleCommand(@query);
cmd.Connection = c;
try
{
OracleDataReader r = cmd.ExecuteReader();
DataTable result = new DataTable();
result.Load(r);
c.Close();
return result;
}
catch (OracleException e)
{
Console.Write(e.Message);
throw;
}
}
catch (OracleException e)
{
Console.Write(e.Message);
return new DataTable();
}
}
}
// GET: Album
// [HttpPost]
public List<AlbumModels> Album()
{
OracleConnection conn = new OracleConnection(oradb);
conn.Open();
string selectStr = /* "insert into album(albumID,albumname,username) values('111','testalbum','KING')";*/
"select * "
+ "from album ";
// " +(Session["username"] as string)+"
OracleCommand cmd = new OracleCommand(selectStr, conn);
OracleDataReader dr = cmd.ExecuteReader();
var Models = new List<AlbumModels>();
while (dr.Read())
{
AlbumModels model = new AlbumModels();
model.AlbumName = dr["albumname"].ToString();
model.AlbumId = dr["albumid"].ToString();
//model.Username = Session["username"] as string ;
string selectStr1 = "select * from photo where albumid = " + model.AlbumId;
OracleCommand cmd1 = new OracleCommand(selectStr1, conn);
OracleDataReader dr1 = cmd1.ExecuteReader();
dr1.Read();
model.Firstphoto = dr1["photoaddress"].ToString();
Models.Add(model);
//Session.Add("currentAlbumName", albumName);
//Session.Add("currentAlbumId", albumId); //点击时保存到session
}
dr.Close();
int insertedLines = cmd.ExecuteNonQuery();
conn.Close();
conn.Dispose();
return Models;
}
//根据查询SQL,产生提供给报表生成需要的 或 JSON 数据,采用 Oracle 数据引擎, 根据RecordsetQuerySQL获取报表明细数据,根据ParameterQuerySQL获取报表参数数据
protected static void DoGenEntireData(System.Web.UI.Page DataPage, string RecordsetQuerySQL, string ParameterQuerySQL, ResponseDataType DataType, bool IsJSON)
{
OracleConnection myConn = new OracleConnection(OracleConnStr);
myConn.Open();
OracleDataAdapter myda = new OracleDataAdapter(RecordsetQuerySQL, myConn);
DataSet myds = new DataSet();
myda.Fill(myds);
OracleCommand mycmd = new OracleCommand(ParameterQuerySQL, myConn);
OracleDataReader mydr = mycmd.ExecuteReader(CommandBehavior.CloseConnection);
if (IsJSON)
{
string ParameterPart = JSONReportData.GenParameterText(mydr);
JSONReportData.GenEntireData(DataPage, myds, ref ParameterPart, DataType);
}
else
{
string ParameterPart = XMLReportData.GenParameterText(mydr);
XMLReportData.GenEntireData(DataPage, myds, ref ParameterPart, DataType);
}
myConn.Close();
}
public ReservaController()
{
string conn = ConfigurationManager.ConnectionStrings["OracleDbContext"].ConnectionString;
OracleConnection db = new OracleConnection(conn);
JaverianaReservasContext dbSql = new JaverianaReservasContext();
this._repo = new ReservaRepository(db, dbSql);
}
public static int? SaveBinaryContent(int? id, string processName, string fieldName, byte[] content, OracleConnection connection)
{
if (connection == null)
{
throw new ArgumentNullException("connection");
}
using (var command = connection.CreateCommand())
{
command.Parameters.Add("p_Content", content == null ? DBNull.Value : (object)content);
if (id == null || id.Value == 0)
{
command.CommandText = string.Format(CultureInfo.InvariantCulture, @"INSERT INTO """"{0}"""" (""""ProcessName"""", """"FieldName"""", """"Content"""", """"IsRemoved"""") VALUES (:p_ProcessName, :p_FieldName, :p_Content, '0'); RETURNING """"Id"""" INTO :p_Id", OracleNamesTranslator.Translate(Constants.BinaryContentTableName));
var idParam = command.Parameters.Add("p_Id", OracleDbType.Int32, ParameterDirection.Output);
command.Parameters.Add("p_ProcessName", processName == null ? DBNull.Value : (object)processName);
command.Parameters.Add("p_FieldName", fieldName == null ? DBNull.Value : (object)fieldName);
command.ExecuteNonQuery();
id = Convert.ToInt32(idParam.Value, CultureInfo.InvariantCulture);
}
else
{
command.Parameters.Add("p_Id", id.Value);
command.CommandText = string.Format(CultureInfo.InvariantCulture, @"UPDATE """"{0}"""" SET """"Content"""" = :p_Content WHERE """"Id"""" = :p_Id", OracleNamesTranslator.Translate(Constants.BinaryContentTableName));
command.ExecuteNonQuery();
}
}
return id;
}
public XtraCadFilial()
{
InitializeComponent();
ativaTransparencia();
conn = new ConnectionFactory().getConnectionOracle();
}
/// <summary>
/// Handles the specified request.
/// </summary>
/// <param name="request">The request.</param>
public void Handle(DeployRequestDto request)
{
//Get the connection string
var sqlInputs = GetConnectionString(request);
//get the scripts folder
var directory = request.IntermediateDirectory;
//get the files in the folder
string[] fileEntries = Directory.GetFiles(directory);
foreach (string fileName in fileEntries)
{
try
{
string content = string.Format(File.ReadAllText(fileName));
using (var oracleConnection = new OracleConnection(sqlInputs.ConnectionString))
{
oracleConnection.Open();
var command = new OracleCommand();
var script = content.Replace("\t", " ");
script = script.Replace("\n", Environment.NewLine);
command.Connection = oracleConnection;
command.CommandText = script;
var result = command.ExecuteNonQuery();
Debug.Write(result);
}
}
catch (Exception ex)
{
Debug.Write("Exception message: " + ex.Message);
}
}
}
/// <summary>
/// 创建 SQL 连接
/// </summary>
/// <param name="connection"></param>
protected override void createConnection(ref DbConnection connection)
{
(connection = new OracleConnection(Connection.ConnectionString)).Open();
}
//NOTE: Because this is a "Dependency Injection Oriented Package"
//we need to pass the database connection and the SQL Generator as parameters
public SektorskaZanimanjaRHRepository(OracleConnection connection,
ISqlGenerator <SektorskaZanimanjaRH> sqlGenerator)
: base(connection, sqlGenerator)
{
}
//Loading data in datagridview1
void datagrid()
{
// Showing Data in DataGridView1 from search button
textBox1.Text = null;
textBox2.Text = null;
if (String.IsNullOrWhiteSpace(textBox24.Text))
{
yr = 0;
}
Name12.Visible = false;
button2.Enabled = false;
string str = "DATA SOURCE=localhost:1521/xe; USER ID=IMS;password=enteryourchoice";
OracleConnection con = new OracleConnection(str);
string query = null;
if (comboBox2.Text == "Teaching Staff")
{
//Department All or null and year default
if ((comboBox1.Text == "ALL" || String.IsNullOrWhiteSpace(comboBox1.Text)) && yr == 0)
{
query = "select p.photograph as IMG,ts.tsid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,ts.designation as \"Designation \",ts.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,teaching_staff ts where ts.pid=p.pid order by fname,mname,lname";
}
//Department All or null and year entered
else if ((comboBox1.Text == "ALL" || String.IsNullOrWhiteSpace(comboBox1.Text)) && yr == 1)
{
query = "select p.photograph as IMG,ts.tsid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,ts.designation as \"Designation \",ts.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,teaching_staff ts where ts.pid=p.pid and p.DOA like :year order by fname,mname,lname";
}
//Department not all and year not entered
else if (comboBox1.Text != "ALL" && yr == 0)
{
query = "select p.photograph as IMG,ts.tsid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,ts.designation as \"Designation \",ts.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,teaching_staff ts where ts.pid=p.pid and ts.deptid=(select deptid from department where deptname='" + comboBox1.Text + "') order by fname,mname,lname";
}
//Department not all and year entered
else if (comboBox1.Text != "ALL" && yr == 1)
{
query = "select p.photograph as IMG,ts.tsid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,ts.designation as \"Designation \",ts.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,teaching_staff ts where ts.pid=p.pid and ts.deptid=(select deptid from department where deptname='" + comboBox1.Text + "') and p.DOA like :year order by fname,mname,lname";
}
}
else
{
//year default
if (yr == 0)
{
query = "select p.photograph as IMG,os.staffid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,os.designation as \"Designation \",os.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,office_staff os where os.pid=p.pid order by fname,mname,lname";
}
//year entered
else
{
query = "select p.photograph as IMG,os.staffid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,os.designation as \"Designation \",os.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,office_staff os where os.pid=p.pid and p.DOA like :year order by fname,mname,lname";
}
}
OracleCommand cmd = new OracleCommand(query, con);
if (yr == 1)
{
cmd.Parameters.Add(new OracleParameter(":year", "_______" + textBox24.Text.Substring(2)));
}
try
{
OracleDataAdapter oda = new OracleDataAdapter();
oda.SelectCommand = cmd;
DataTable dbdataset = new DataTable();
oda.Fill(dbdataset);
BindingSource bsource = new BindingSource();
bsource.DataSource = dbdataset;
dataGridView1.DataSource = bsource;
this.dataGridView1.Columns["Full_Name"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleCenter;
this.dataGridView1.Columns["Full_Name"].AutoSizeMode = DataGridViewAutoSizeColumnMode.Fill;
this.dataGridView1.Columns["Designation "].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Designation "].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Salary "].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Salary "].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Gender"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Gender"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Date_of_Joining"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Date_of_Joining"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["ID"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["IMG"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
if (this.dataGridView1.Columns["IMG"] is DataGridViewImageColumn)
{
((DataGridViewImageColumn)dataGridView1.Columns["IMG"]).ImageLayout = DataGridViewImageCellLayout.Zoom;
}
this.dataGridView1.EnableHeadersVisualStyles = false;
this.dataGridView1.ColumnHeadersDefaultCellStyle.Font = new Font("ARIAL", 9, FontStyle.Bold);
this.dataGridView1.ColumnHeadersDefaultCellStyle.ForeColor = Color.Blue;
this.dataGridView1.ColumnHeadersDefaultCellStyle.BackColor = Color.MistyRose;
this.dataGridView1.DefaultCellStyle.BackColor = Color.LightCyan;
this.dataGridView1.DefaultCellStyle.Font = new Font("ARIAL", 9, FontStyle.Bold);
this.dataGridView1.DefaultCellStyle.ForeColor = Color.Red;
if (dataGridView1.Rows.Count > 0)
{
dataGridView1.Rows[0].Selected = false;
}
label16.Visible = true;
label16.Text = "Displaying " + dataGridView1.RowCount + " Record";
oda.Update(dbdataset);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
public void setDataSource(技术日报内容 n)
{
//初始化
xiufeng.Initialize();
manfeng.Initialize();
qitaqingkuang.Initialize();
XiaohaoGaolu.DataSetXh1 xmf = new LTZN.XiaohaoGaolu.DataSetXh1();
XiaohaoGaolu.DataSetXh1TableAdapters.休风TableAdapter xadp = new LTZN.XiaohaoGaolu.DataSetXh1TableAdapters.休风TableAdapter();
XiaohaoGaolu.DataSetXh1TableAdapters.慢风TableAdapter madp = new LTZN.XiaohaoGaolu.DataSetXh1TableAdapters.慢风TableAdapter();
// XiaohaoGaolu.DataSetXh1TableAdapters.全厂日消耗TableAdapter qadp = new LTZN.XiaohaoGaolu.DataSetXh1TableAdapters.全厂日消耗TableAdapter();
xadp.FillByRq(xmf.休风, n.riqi);
madp.FillByRq(xmf.慢风, n.riqi);
// qadp.FillByRq(xmf.全厂日消耗, n.riqi);
foreach (技术日报内容项 x in n)
{
x.Convert0ToNull();
}
this.技术日报BindingSource.DataSource = n;
dataSource = n;
List <ReportParameter> para = new List <ReportParameter>();
para.Add(new ReportParameter("Riqi", n.riqi.ToString("yyyy年MM月dd日")));
int i = 0;
foreach (XiaohaoGaolu.DataSetXh1.休风Row r in xmf.休风)
{
i++;
string str = i + "、" + r.高炉 + "炉" + r.时间.ToString("H:mm") + "分休风 " + r.间隔.ToString() + "分钟," + (r.Is原因Null()?"":r.原因);
if (i <= 9)
{
para.Add(new ReportParameter("xiufeng" + i, str));
xiufeng[i - 1] = str;
}
}
i = 0;
foreach (XiaohaoGaolu.DataSetXh1.慢风Row r in xmf.慢风)
{
i++;
string str = i + "、" + r.高炉 + "炉" + r.时间.ToString("H:mm") + "分慢风 " + r.间隔.ToString() + "小时," + (r.Is原因Null() ? "" : r.原因);
if (i <= 9)
{
para.Add(new ReportParameter("manfeng" + i, str));
manfeng[i - 1] = str;
}
}
OracleConnection cn = new OracleConnection();
cn.ConnectionString = Properties.Settings.Default.ltznConnectionString;
cn.Open();
OracleCommand cmd = new OracleCommand();
cmd.Connection = cn;
cmd.CommandText = "select P09备注1,P10备注2 from 全厂日消耗 where P01日期=:rq";
cmd.Parameters.Add(":rq", OracleType.DateTime).Value = n.riqi;
OracleDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
if (!dr.IsDBNull(0) && dr.GetString(0) != "")
{
string qtStr = dr.GetString(0);
para.Add(new ReportParameter("qita1", qtStr));
qitaqingkuang[0] = qtStr;
}
if (!dr.IsDBNull(1) && dr.GetString(1) != "")
{
string qtStr = dr.GetString(1);
para.Add(new ReportParameter("qita2", qtStr));
qitaqingkuang[1] = qtStr;
}
}
dr.Close();
cn.Close();
string yejiao = "单位负责人:“" + Properties.Settings.Default.负责人 + "” 制表人:“" + Properties.Settings.Default.制表人 + "” 第 + + 页,共一页";
para.Add(new ReportParameter("yejiao", yejiao));
para.Add(new ReportParameter("actUser", Properties.Settings.Default.制表人));
try
{
this.reportViewer1.LocalReport.SetParameters(para);
}
catch (Exception ex)
{
Console.Write(ex);
}
this.reportViewer1.RefreshReport();
}
protected void getmevisitsummary()
{
OracleConnection conn = new OracleConnection(Connection.con_str_oracle_cicco);
OracleCommand cmd = new OracleCommand();
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = conn;
//cmd.Parameters.Clear();
cmd.CommandText = "pk_app_me_reports.open_me_brn_head_summery";
OracleParameter prm1 = new OracleParameter("IO_CURSOR", OracleType.Cursor);
prm1.Direction = ParameterDirection.Output;
cmd.Parameters.Add(prm1);
OracleParameter prm2 = new OracleParameter("WKBRNCODE", OracleType.VarChar);
prm2.Direction = ParameterDirection.Input;
prm2.Value = DropDownListbranch.SelectedValue;
cmd.Parameters.Add(prm2);
OracleParameter prm3 = new OracleParameter("WK_PDATE", OracleType.VarChar);
prm3.Direction = ParameterDirection.Input;
prm3.Value = Convert.ToDateTime(txtfromdate.Text).ToString("dd-MMM-yyy").ToString();
cmd.Parameters.Add(prm3);
OracleParameter prm4 = new OracleParameter("WK_PDATE1", OracleType.VarChar);
prm4.Direction = ParameterDirection.Input;
prm4.Value = Convert.ToDateTime(txttodate.Text).ToString("dd-MMM-yyy").ToString();
cmd.Parameters.Add(prm4);
OracleParameter prm5 = new OracleParameter("wkmecode", OracleType.VarChar);
prm5.Direction = ParameterDirection.Input;
prm5.Value = DropDownListme.SelectedValue;
cmd.Parameters.Add(prm5);
try
{
conn.Open();
OracleDataAdapter adp = new OracleDataAdapter(cmd);
DataTable dt = new DataTable();
adp.Fill(dt);
grid1.DataSource = dt;
grid1.DataBind();
//conn.Open();
//grid1.EmptyDataText = "No Records Found";
//grid1.DataSource = cmd.ExecuteReader();
//grid1.DataBind();
}
catch (Exception ex)
{
}
finally
{
conn.Close();
}
}
public static bool checkConnection(String user, String password)
{
OracleConnection con = DBConnection.GetConnection("SYSTEM", "161299");
return(true);
}
private void AuctionStartBidder_Load(object sender, EventArgs e)
{
using (con = new OracleConnection(ordb))
{
string status = "";
con.Open();
ReLoad();
int itm_ID = 0, seller_id = 0;
OracleCommand cmdd = new OracleCommand();
cmdd.Connection = con;
cmdd.CommandText = @"select i.name , i.value , i.DESCRIPTION , a.s_date , a.e_date , i.item_id , s.user_id from auctions a , seller_auctions s , items i
where a.auc_id = s.auc_id
and s.itm_id = i.item_id
and a.auc_id = :id
order by a.auc_id ";
cmdd.CommandType = CommandType.Text;
cmdd.Parameters.Add("id", GlobalID.AucID);
OracleDataReader drr = cmdd.ExecuteReader();
while (drr.Read())
{
itmnametx.Text = drr[0].ToString();
itmvaltxt.Text = drr[1].ToString();
itmdestxt.Text = drr[2].ToString();
sdatetxt.Text = drr[3].ToString();
edatetxt.Text = drr[4].ToString();
itm_ID = Convert.ToInt32(drr[5].ToString());
seller_id = Convert.ToInt32(drr[6].ToString());
}
drr.Close();
DateTime endDate = new DateTime();
endDate = Convert.ToDateTime(edatetxt.Text.ToString());
if (endDate <= DateTime.Now)
{
MessageBox.Show("Closed");
OracleCommand cmdu = new OracleCommand();
cmdu.Connection = con;
cmdu.CommandText = "update auctions set status = 'close' where auc_id = :id";
cmdu.CommandType = CommandType.Text;
cmdu.Parameters.Add("id", GlobalID.AucID);
int ret = cmdu.ExecuteNonQuery();
if (ret != -1)
{
MessageBox.Show("Status Changed Successfully");
bidbtn.Enabled = false;
}
if (bidderView.RowCount == 0)
{
MessageBox.Show("No One Buy This Items !!!");
return;
}
////----- Put Item In Ship Cart ---------//////////
int maxIDValu = 0, maxValended = 0, aucID = GlobalID.AucID;
OracleCommand MaxUsVal = new OracleCommand();
MaxUsVal.Connection = con;
MaxUsVal.CommandText = "select user_id ,value from bidder_auctions where auc_id = :auid and value = (select max(value) from bidder_auctions where auc_id = :aucid )";
MaxUsVal.CommandType = CommandType.Text;
MaxUsVal.Parameters.Add("auid", GlobalID.AucID);
MaxUsVal.Parameters.Add("aucid", aucID);
OracleDataReader max = MaxUsVal.ExecuteReader();
while (max.Read())
{
maxIDValu = Convert.ToInt32(max[0].ToString());
maxValended = Convert.ToInt32(max[1].ToString());
}
max.Close();
MessageBox.Show("The Winner IS : " + maxIDValu.ToString());
int quantity = 0, shipID = 0;
OracleCommand getQuntityAndShip = new OracleCommand();
getQuntityAndShip.Connection = con;
getQuntityAndShip.CommandText = @"select QUANTITY , ship_id
from SHIPPING_CARTS
where bidder_id = :maxID";
getQuntityAndShip.Parameters.Add("maxID", maxIDValu);
OracleDataReader drq = getQuntityAndShip.ExecuteReader();
while (drq.Read())
{
quantity = Convert.ToInt32(drq[0].ToString());
shipID = Convert.ToInt32(drq[1].ToString());
}
drq.Close();
quantity++;
MessageBox.Show("The Ship ID IS :" + shipID + " The Quan : " + quantity);
///---- update balance Bidder ---/////
OracleCommand UpdateBalaneceBidder = new OracleCommand();
UpdateBalaneceBidder.Connection = con;
UpdateBalaneceBidder.CommandText = "update users set balance = balance - :bidval where user_id = :ids";
UpdateBalaneceBidder.CommandType = CommandType.Text;
UpdateBalaneceBidder.Parameters.Add("bidval", maxValended);
UpdateBalaneceBidder.Parameters.Add("ids", maxIDValu);
UpdateBalaneceBidder.ExecuteNonQuery();
////-------- update balance Seller ---/////////
OracleCommand UpdateBalaneceSeller = new OracleCommand();
UpdateBalaneceSeller.Connection = con;
UpdateBalaneceSeller.CommandText = "update users set balance = balance + :bidval where user_id = :iduse";
UpdateBalaneceSeller.CommandType = CommandType.Text;
UpdateBalaneceSeller.Parameters.Add("bidval", maxValended);
UpdateBalaneceSeller.Parameters.Add("iduse", seller_id);
UpdateBalaneceSeller.ExecuteNonQuery();
//-----Update Ship Cart --/////
OracleCommand updateSHIP_CaRT = new OracleCommand();
updateSHIP_CaRT.Connection = con;
updateSHIP_CaRT.CommandText = "update SHIPPING_CARTS set QUANTITY = :newq where bidder_id = :uids and ship_id = :shid";
updateSHIP_CaRT.CommandType = CommandType.Text;
updateSHIP_CaRT.Parameters.Add("newq", quantity);
updateSHIP_CaRT.Parameters.Add("uids", maxIDValu);
updateSHIP_CaRT.Parameters.Add("shid", shipID);
updateSHIP_CaRT.ExecuteNonQuery();
////-- insert item into ship items---///////
OracleCommand addTOShipItems = new OracleCommand();
addTOShipItems.Connection = con;
addTOShipItems.CommandText = "insert into shipping_items(ship_id, itm_name, value, auc_id) values (:shipid,:itmname,:bidval,:auid)";
addTOShipItems.CommandType = CommandType.Text;
addTOShipItems.Parameters.Add("shipid", shipID);
addTOShipItems.Parameters.Add("itmname", itmnametx.Text.ToString());
addTOShipItems.Parameters.Add("bidval", maxValended);
addTOShipItems.Parameters.Add("auid", GlobalID.AucID);
addTOShipItems.ExecuteNonQuery();
///----- update item Owner ----///////
OracleCommand updateItemOwner = new OracleCommand();
updateItemOwner.Connection = con;
updateItemOwner.CommandText = "update items set seller_id = :OwnID where item_id = :itmids";
updateItemOwner.CommandType = CommandType.Text;
updateItemOwner.Parameters.Add("OwnID", maxIDValu);
updateItemOwner.Parameters.Add("itmids", itm_ID);
updateItemOwner.ExecuteNonQuery();
//////////////
}
OracleCommand cmd = new OracleCommand();
cmd.Connection = con;
cmd.CommandText = "select status from auctions where auc_id = :id";
cmd.CommandType = CommandType.Text;
cmd.Parameters.Add("id", GlobalID.AucID);
OracleDataReader dr = cmd.ExecuteReader();
while (dr.Read())
{
status = dr[0].ToString();
}
dr.Close();
if (status == "close")
{
bidbtn.Enabled = false;
}
else
{
bidbtn.Enabled = true;
}
}
}
public MultaDA()
{
conn = new ConexionDA().obtenerConexion();
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
string tainted_1 = null;
tainted_1 = Console.ReadLine();
tainted_3 = tainted_1;
string[] arr_1 = new string[4]; // declaring array
//Storing value in array element
arr_1[0] = null;
arr_1[1] = null;
arr_1[2] = null;
arr_1[3] = tainted_1;
foreach (string val_1 in arr_1)
{
if (val_1 != null)
{
tainted_2 = val_1;
StringBuilder escape = new StringBuilder();
for (int i = 0; i < tainted_2.Length; ++i)
{
char current = tainted_2[i];
switch (current)
{
case '\\':
escape.Append(@"\5c");
break;
case '*':
escape.Append(@"\2a");
break;
case '(':
escape.Append(@"\28");
break;
case ')':
escape.Append(@"\29");
break;
case '\u0000':
escape.Append(@"\00");
break;
case '/':
escape.Append(@"\2f");
break;
default:
escape.Append(current);
break;
}
}
tainted_3 = escape.ToString();
}
}
//flaw
string query = "SELECT * FROM '" + tainted_3 + "'";
string connectionString = "Data Source=localhost;User ID=oracle_user;Password=oracle_password";
OracleConnection dbConnection = null;
try{
dbConnection = new OracleConnection(connectionString);
dbConnection.Open();
OracleCommand cmd = dbConnection.CreateCommand();
cmd.CommandText = query;
OracleDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Console.WriteLine(reader.ToString());
}
dbConnection.Close();
}catch (Exception e) {
Console.WriteLine(e.ToString());
}
}
public ActionResult DownloadActive(crm_EmployeeRepo employeeRepo)
{
try
{
if (String.IsNullOrEmpty(employeeRepo.Employer_Id))
{
X.Mask.Hide();
X.Msg.Show(new MessageBoxConfig
{
Title = "Error",
Message = "Please Select Employer",
Buttons = MessageBox.Button.OK,
Icon = MessageBox.Icon.INFO,
Width = 350
});
return this.Direct();
}
string queryString = "select * from vw_es_esf where employer_id = '" + employeeRepo.Employer_Id + "' and scheme_id = '" + employeeRepo.Scheme_Id + "' and ESF_STATUS = 'ACTIVE' and deferred < 3";
using (OracleConnection connection = new OracleConnection(GlobalValue.ConString))
{
OracleCommand command = new OracleCommand(queryString, connection);
connection.Open();
OracleDataReader reader;
reader = command.ExecuteReader();
// Always call Read before accessing data.
while (reader.Read())
{
employeeRepo.Surname = (string)reader["surname"];
employeeRepo.First_Name = (string)reader["first_name"];
employeeRepo.ESF_Id = (string)reader["esf_id"];
//employeeRepo.Email_Address = (string)reader["email_address"];
employeeRepo.Scheme_Name = (string)reader["SCHEME_NAME"];
////load report table
//var con = new AppSettings();
//var param = new DynamicParameters();
//param.Add("P_ESF_ID", employeeRepo.ESF_Id, DbType.String, ParameterDirection.Input);
//param.Add("P_MAKER_ID", GlobalValue.User_ID, DbType.String, ParameterDirection.Input);
//con.GetConnection().Execute("REPORT_EMPLOYEE_STATEMENT", param, commandType: CommandType.StoredProcedure);
string DocumentName = "NA";
string pa = Server.MapPath("~/Penfad_Reports/Employee_ContributionMonth_On_Month_1.dll");
System.Reflection.Assembly assembly_1 = System.Reflection.Assembly.LoadFrom(pa);
StiReport My_Report = StiReport.GetReportFromAssembly(assembly_1);
//////asign constring
My_Report.Dictionary.DataStore.Clear();
My_Report.Dictionary.Databases.Add(new StiOracleDatabase("con", GlobalValue.ConString));
My_Report[":P_ESF_ID"] = employeeRepo.ESF_Id;
string path = Environment.GetFolderPath(Environment.SpecialFolder.MyComputer);
if (!(System.IO.Directory.Exists(path + @"\" + "STATEMENTS" + @"\" + employeeRepo.Employer_Name + @"\" + System.DateTime.Now.Day + "_" + System.DateTime.Now.Month + "_" + System.DateTime.Now.Year)))
{
System.IO.Directory.CreateDirectory(path + @"\" + "STATEMENTS" + @"\" + employeeRepo.Employer_Name + @"\" + System.DateTime.Now.Day + "_" + System.DateTime.Now.Month + "_" + System.DateTime.Now.Year);
}
if (!(System.IO.File.Exists(path + @"\" + "STATEMENTS" + @"\" + employeeRepo.Employer_Name + @"\" + System.DateTime.Now.Day + "_" + System.DateTime.Now.Month + "_" + System.DateTime.Now.Year + @"\" + employeeRepo.First_Name + "_" + employeeRepo.Surname + "_" + employeeRepo.ESF_Id + "_" + employeeRepo.Scheme_Name + "_Statement.pdf")))
{
System.IO.File.Delete(path + @"\" + "STATEMENTS" + @"\" + employeeRepo.Employer_Name + @"\" + System.DateTime.Now.Day + "_" + System.DateTime.Now.Month + "_" + System.DateTime.Now.Year + @"\" + employeeRepo.First_Name + "_" + employeeRepo.Surname + "_" + employeeRepo.ESF_Id + "_" + employeeRepo.Scheme_Name + "_Statement.pdf");
}
DocumentName = (path + @"\" + "STATEMENTS" + @"\" + employeeRepo.Employer_Name + @"\" + System.DateTime.Now.Day + "_" + System.DateTime.Now.Month + "_" + System.DateTime.Now.Year + @"\" + employeeRepo.First_Name + "_" + employeeRepo.Surname + "_" + employeeRepo.ESF_Id + "_" + employeeRepo.Scheme_Name + "_Statement.pdf");
My_Report.Render();
My_Report.ExportDocument(StiExportFormat.Pdf, DocumentName);
////return StiMvcViewer.GetReportSnapshotResult(My_Report);
}
// Always call Close when done reading.
reader.Close();
X.Mask.Hide();
X.Msg.Show(new MessageBoxConfig
{
Title = "Successful",
Message = "Statements Successfully Downloaded",
Buttons = MessageBox.Button.OK,
Icon = MessageBox.Icon.INFO,
Width = 350
});
}
return this.Direct();
}
catch (Exception EX)
{
X.Mask.Hide();
X.Msg.Show(new MessageBoxConfig
{
Title = "Error",
Message = "Could not download statements",
Buttons = MessageBox.Button.OK,
Icon = MessageBox.Icon.ERROR,
Width = 350
});
return this.Direct();
}
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
string tainted_4 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_2 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_4 = tainted_2;
StringBuilder escape = new StringBuilder();
for (int i = 0; i < tainted_2.Length; ++i)
{
char current = tainted_2[i];
switch (current)
{
case '\\':
escape.Append(@"\5c");
break;
case '*':
escape.Append(@"\2a");
break;
case '(':
escape.Append(@"\28");
break;
case ')':
escape.Append(@"\29");
break;
case '\u0000':
escape.Append(@"\00");
break;
case '/':
escape.Append(@"\2f");
break;
default:
escape.Append(current);
break;
}
}
tainted_3 = escape.ToString();
Class_16464 var_16464 = new Class_16464(tainted_3);
tainted_4 = var_16464.get_var_16464();
//flaw
string query = "SELECT * FROM '" + tainted_4 + "'";
string connectionString = "Data Source=localhost;User ID=oracle_user;Password=oracle_password";
OracleConnection dbConnection = null;
try{
dbConnection = new OracleConnection(connectionString);
dbConnection.Open();
OracleCommand cmd = dbConnection.CreateCommand();
cmd.CommandText = query;
OracleDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Console.WriteLine(reader.ToString());
}
dbConnection.Close();
}catch (Exception e) {
Console.WriteLine(e.ToString());
}
}
void ExecuteSql(string sql)
{
switch (DbType)
{
case Type.SqlServer:
using (var conn = new SqlConnection(ConnectionString))
{
var comm = new SqlCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.Access:
using (var conn = new OleDbConnection(ConnectionString))
{
var comm = new OleDbCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.Oracle:
using (var conn = new OracleConnection(ConnectionString))
{
var comm = new OracleCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.MySql:
using (var conn = new MySqlConnection(ConnectionString))
{
var comm = new MySqlCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.Sqlite:
using (var conn = new SQLiteConnection(ConnectionString))
{
var comm = new SQLiteCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.PostGreSql:
using (var conn = new NpgsqlConnection(ConnectionString))
{
var comm = new NpgsqlCommand(sql, conn);
ExecSql(conn, comm);
}
break;
case Type.Teradata:
using (var conn = new TdConnection(ConnectionString))
{
var comm = new TdCommand(sql, conn);
ExecSql(conn, comm);
}
break;
}
}
public static void SendEmails(String Type)
{
try
{
//return;
string EmailPrifix = WebConfigurationManager.AppSettings["EmailSubjectPrifix"].ToString();
OracleConnection connORAGetData = new OracleConnection(ConfigurationManager.ConnectionStrings["ORAWF_ACC"].ToString());
SqlConnection connEmail = new SqlConnection(ConfigurationManager.ConnectionStrings["sqlconn"].ToString());
SqlCommand cmdEmail = new SqlCommand();
SqlDataReader drEmail;
OracleCommand cmdORADetails = new OracleCommand();
OracleDataReader drORADetails;
DataTable Details = new DataTable();
String MailHeader = "";
String MailSubject = "";
String RefNo = "";
String AgentCode = "";
cmdEmail.CommandType = CommandType.Text;
//cmdEmail.CommandText = "SELECT * FROM BRANCH_E_MAIL WHERE BRANCH_CODE='" + Convert.ToString(Dts.Variables["Branch_code_name"].Value) + "'";
cmdEmail.CommandText = "SELECT * FROM BRANCH_E_MAIL WHERE BRANCH_CODE = 'TEST'";
cmdEmail.Connection = connEmail;
connEmail.Open();
drEmail = cmdEmail.ExecuteReader();
cmdORADetails.CommandType = CommandType.Text;
if (Type == "General")
{
MailHeader = "GI";
MailSubject = "GI";
RefNo = "Debit No.";
AgentCode = "Agent Code";
cmdORADetails.CommandText = "SELECT T2.PPA_PTY_PARTY_CODE,T.DEBIT_NO,SUBSTR(T.STATUS,-59,20) AS RV,T.AMOUNT,T.STATUS,T.CASH_ACCOUNT,T.INSTRUMENT_DATE " +
" FROM TEMP_GI_RECEIPT_BATCH T,T_POLICY T1, T_POLICY_PARTY T2, T_DEBIT_CREDIT_NOTE T3,TEMP_GI_RECEIPT_BATCH_ORG T4 " +
" WHERE T.SERIAL = T4.SERIAL " +
" AND T.DEBIT_NO=T3.DCN_DEBIT_CREDIT_NOTE_NO " +
" AND T1.POL_POLICY_ID=T3.DCN_POL_POLICY_ID " +
" AND T1.POL_POLICY_ID=T2.PPA_POL_POLICY_ID " +
" AND T2.PPA_SHR_STAKE_HOLDER_FN_CODE IN ('AGENT','HNB_BANK','DIRECT','DIR_SP','DIR_SPIND','BROKER','ASSU_STAFF','HNB_STAFF') " +
" AND T2.PPA_EFFECTIVE_END_DATE IS NULL " +
" AND T.POLICY_BRANCH = 'HDO' ORDER BY SUBSTR(T.STATUS,-59,20),T2.PPA_PTY_PARTY_CODE";
//" AND T.POLICY_BRANCH = '" + Convert.ToString(Dts.Variables["Branch_code_name"].Value) + "' ORDER BY SUBSTR(T.STATUS,-59,20),T2.PPA_PTY_PARTY_CODE";
}
if (Type == "Life")
{
MailHeader = "LIFE";
MailSubject = "LIFE";
RefNo = "Policy No.";
AgentCode = "Agent Code";
cmdORADetails.CommandText = "SELECT T2.PPA_PTY_PARTY_CODE,T.POLICY_NUMBER,SUBSTR(T.STATUS,-20,20) AS RV,T.AMOUNT,T.STATUS,T.CASH_ACCOUNT,T.INSTRUMENT_DATE " +
"FROM TEMP_LIFE_RECEIPT_BATCH T,T_POLICY T1, T_POLICY_PARTY T2,TEMP_LIFE_RECEIPT_BATCH_ORG T3 " +
"WHERE T.SERIAL = T3.SERIAL AND (T.POLICY_NUMBER=T1.POL_POLICY_NUMBER OR T.POLICY_NUMBER=T1.POL_PROPOSAL_NUMBER) AND T1.POL_POLICY_ID=T2.PPA_POL_POLICY_ID " +
"AND T2.PPA_SHR_STAKE_HOLDER_FN_CODE IN ('AGENT','HNB_BANK','DIRECT','DIR_SP','DIR_SPIND','BROKER','ASSU_STAFF','HNB_STAFF') " +
"AND T2.PPA_EFFECTIVE_END_DATE IS NULL AND T.POLICY_BRANCH = 'HDO' ORDER BY SUBSTR(T.STATUS,-20,20),T2.PPA_PTY_PARTY_CODE";
//12-07-2016
//cmdORADetails.CommandText = "SELECT T2.PPA_PTY_PARTY_CODE,T.POLICY_NUMBER,SUBSTR(T.STATUS,-20,20) AS RV,T.AMOUNT,T.STATUS,T.CASH_ACCOUNT,T.INSTRUMENT_DATE " +
// "FROM TEMP_LIFE_RECEIPT_BATCH T,T_POLICY T1, T_POLICY_PARTY T2,TEMP_LIFE_RECEIPT_BATCH_ORG T3 " +
// "WHERE T.SERIAL = T3.SERIAL " +
// "AND T.POLICY_NUMBER=T1.POL_POLICY_NUMBER " +
// "AND T1.POL_POLICY_ID=T2.PPA_POL_POLICY_ID " +
// "AND T2.PPA_SHR_STAKE_HOLDER_FN_CODE IN ('AGENT','HNB_BANK','DIRECT','DIR_SP','DIR_SPIND','BROKER','ASSU_STAFF','HNB_STAFF') " +
// "AND T2.PPA_EFFECTIVE_END_DATE IS NULL " +
// "AND T.POLICY_BRANCH = 'HDO' ORDER BY SUBSTR(T.STATUS,-20,20),T2.PPA_PTY_PARTY_CODE";
/////////////"AND T.POLICY_BRANCH = '" + Convert.ToString(Dts.Variables["Branch_code_name"].Value) + "' ORDER BY SUBSTR(T.STATUS,-20,20),T2.PPA_PTY_PARTY_CODE";
}
if (Type == "NonTCS")
{
MailHeader = "NonTCS";
MailSubject = "NonTCS";
RefNo = "Policy No.";
AgentCode = "Instrument No.";
//cmdORADetails.CommandText = " SELECT substr(T.NARRATION,0,instr(T.NARRATION,'-')-1 ) Narration,T.POLICY_NUMBER,SUBSTR(T.STATUS,-20,20) AS RV,T.AMOUNT,T.STATUS,T.CASH_ACCOUNT,T.INSTRUMENT_DATE,T.TRANSACTION_CODE " +
// " FROM TEMP_LIFE_RECEIPT_BATCH_NONTCS T,temp_receipt_batch_nontcs_org T4 " + //TEMP_LIFE_RECEIPT_BATCH_NT_ORG T4 " +
// " WHERE T.SERIAL = T4.SERIAL " +
// " AND T.POLICY_BRANCH = 'HDO' ORDER BY SUBSTR(T.STATUS,-20,20)";
// //" AND T.POLICY_BRANCH = '" + Convert.ToString(Dts.Variables["Branch_code_name"].Value) + "' ORDER BY SUBSTR(T.STATUS,-20,20)";
cmdORADetails.CommandText = " SELECT T.Transaction_Code, T.POLICY_NUMBER,SUBSTR(T.STATUS,-20,20) AS RV,T.AMOUNT,T.STATUS,T.CASH_ACCOUNT,T.INSTRUMENT_DATE " +
" FROM iims_acc.TEMP_LIFE_RECEIPT_BATCH_NONTCS T,iims_acc.temp_receipt_batch_nontcs_org T4 " +
" WHERE T.SERIAL = T4.SERIAL " +
" AND T.POLICY_BRANCH = 'HDO' ORDER BY SUBSTR(T.STATUS,-20,20) ";
}
//connEmail.Close();
cmdORADetails.Connection = connORAGetData;
connORAGetData.Open();
drORADetails = cmdORADetails.ExecuteReader();
Details.Load(drORADetails);
//
if (Details.Rows.Count == 0)
{
return;
}
//if (drORADetails.HasRows)
//{
string test;
// TODO: Add your code here
test = "<html><body><table>";
test += "<tr bgcolor=" + "#7C9CB6" + ">" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + AgentCode + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + RefNo + "</font></td>" + //"<td><font face=" + "Tahoma" + " size=" + "-1>Debit No.</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>Receipt No.</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>Amount</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>Status</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>Cash Acc.</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>IBT Date</font></td></tr>";
for (int i = 0; i < Details.Rows.Count; i++)
{
if (i % 2 == 0)
{
test += "<tr bgcolor=" + "#FFFFFF" + ">" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][0] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][1] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][2] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Convert.ToDouble(Details.Rows[i][3]).ToString("#,##0.00") + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][4] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][5] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][6] + "</font></td></tr>";
}
else
{
test += "<tr bgcolor=" + "#CCCCCC" + ">" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][0] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][1] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][2] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Convert.ToDouble(Details.Rows[i][3]).ToString("#,##0.00") + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][4] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][5] + "</font></td>" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + Details.Rows[i][6] + "</font></td></tr>";
}
}
test += "</table></html></body>";
//Dts.Variables["Email"].Value = test.ToString();
MailMessage message = new MailMessage();
//MailAddress from = new MailAddress("*****@*****.**", "TCS Receipt Upload - " + MailHeader+ "Testing Only");
MailAddress from = new MailAddress("*****@*****.**", "TCS Receipt Upload - " + MailHeader + EmailPrifix);
while (drEmail.Read())
{
MailAddress to = new MailAddress(drEmail["EMAIL"].ToString());
message.To.Add(to);
}
message.From = from;
//message.Subject = "TCS Receipt Upload - "+MailSubject+"Testing Only";
message.Subject = "TCS Receipt Upload - " + MailSubject + EmailPrifix;
message.IsBodyHtml = true;
//string BodyText;
message.Body = @test;
SmtpClient client = new SmtpClient("smtp.hnbassurance.com");
client.Credentials = new System.Net.NetworkCredential("misreports", "Water@1234");
client.Send(message);
if (Type == "General")
{
OracleConnection conn = new OracleConnection(ConfigurationManager.ConnectionStrings["ORAWF"].ToString());
OracleCommand cmd = new OracleCommand();//conn.CreateCommand();
cmd.Connection = conn;
cmd.CommandText = "sp_fas_ibt_clear_Tables_ORG";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("vType", OracleType.VarChar).Value = "General";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
if (Type == "Life")
{
OracleConnection conn = new OracleConnection(ConfigurationManager.ConnectionStrings["ORAWF"].ToString());
OracleCommand cmd = new OracleCommand();//conn.CreateCommand();
cmd.Connection = conn;
cmd.CommandText = "sp_fas_ibt_clear_Tables_ORG";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("vType", OracleType.VarChar).Value = "Life";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
if (Type == "NonTCS")
{
OracleConnection conn = new OracleConnection(ConfigurationManager.ConnectionStrings["ORAWF"].ToString());
OracleCommand cmd = new OracleCommand();//conn.CreateCommand();
cmd.Connection = conn;
cmd.CommandText = "sp_fas_ibt_clear_Tables_ORG";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("vType", OracleType.VarChar).Value = "NonTCS";
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
}
}
catch (Exception)
{
throw;
}
}
/// <summary>コネクションの確立</summary>
/// <param name="connstring">接続文字列</param>
/// <remarks>必要に応じて利用する。</remarks>
public override void ConnectionOpen(string connstring)
{
// コネクションをオープン
this._cnn = new OracleConnection(connstring);
this._cnn.Open();
}
private DataTable getTareas(ref string tsErrMessage)
{
DataTable loDtTareas = getEstructuraTareas();
OracleDataAdapter loAdaptador;
OracleConnection loConexion = null;
DataTable loDtConsulta;
try
{
if (!GetConexion(ref loConexion, ref tsErrMessage))
{
return(loDtTareas);
}
loConexion.Open();
loAdaptador = new OracleDataAdapter("XXFM.XXFM_INT_CONF_EXT_READ_U02", loConexion);
loAdaptador.SelectCommand.CommandType = CommandType.StoredProcedure;
loAdaptador.SelectCommand.Connection = loConexion;
loAdaptador.SelectCommand.Parameters.Add(new OracleParameter("pcurcursor", OracleType.Cursor));
loAdaptador.SelectCommand.Parameters["pcurcursor"].Direction = ParameterDirection.Output;
loDtConsulta = new DataTable("DtConsulta");
loAdaptador.Fill(loDtConsulta);
foreach (DataRow loRow in loDtConsulta.Rows)
{
DataRow loTmpRow = loDtTareas.NewRow();
loTmpRow["IdConfExtraccion"] = loRow["ID_CONFE"];
loTmpRow["ProximaFecha"] = loRow["FEC_CONFE"];
loTmpRow["FechaFinal"] = loRow["FEC_FIN"];
//loTmpRow["EsInfinito"] = loRow["COD_FIN"].ToString() = "T";
loTmpRow["CantidadEventos"] = loRow["NUM_RECU"];
loDtTareas.Rows.Add(loTmpRow);
}
//Una vez recuperada las tareas se cambia su estatus a INACTIVO inmediatamente
//Esto con la finalidad de evitar que el sistema vuelva
//a tomar extracciones que ya están siendo o fueron procesadas
foreach (DataRow loRow in loDtConsulta.Rows)
{
//TODO
}
}
catch (OracleException ex)
{
validarError(ex.Code, ex.Message, "", ex.Message);
}
catch (Exception ex)
{
validarError(0, ex.Message, "", ex.Message);
}
finally
{
if (loConexion != null)
{
loConexion.Close();
}
}
//Retornamos el resultado
return(loDtTareas);
}
public override void InsertData(object obj, out int errCode, out string errText)
{
string strProcedureName = string.Format("{0}.{1}", className, MethodBase.GetCurrentMethod().Name);
WriteLog.Instance.WriteBeginSplitter(strProcedureName);
errCode = 0;
errText = "";
if (obj == null)
{
return;
}
var item = obj as TransferEntity;
if (item == null)
{
return;
}
try {
WriteLog.Instance.Write(
string.Format("执行存储过程 " +
"usp_wt_grzy,参数:" +
"i_ywno={0}|i_gracntno={1}|i_dwacntno={2}|i_dstdwacntno={3}|i_remark={4}",
item.TRANSACTNO, item.GRACNTNO, item.SRCDWACNTNO, item.DSTDWACNTNO, item.REMARK),
strProcedureName);
#region 执行数据库函数或存储过程
using (OracleConnection conn = new OracleConnection(CON_STR_TARGET)) {
conn.Open();
OracleCommand ocm = conn.CreateCommand();
ocm.CommandType = CommandType.StoredProcedure;
ocm.CommandText = "usp_wt_grzy";
ocm.Parameters.Add("i_ywno", OracleDbType.Decimal).Direction = ParameterDirection.Input;
ocm.Parameters["i_ywno"].Value = item.TRANSACTNO;
ocm.Parameters.Add("i_gracntno", OracleDbType.Varchar2).Direction = ParameterDirection.Input;
ocm.Parameters["i_gracntno"].Value = item.GRACNTNO;
ocm.Parameters.Add("i_dwacntno", OracleDbType.Varchar2).Direction = ParameterDirection.Input;
ocm.Parameters["i_dwacntno"].Value = item.SRCDWACNTNO;
ocm.Parameters.Add("i_dstdwacntno", OracleDbType.Varchar2).Direction = ParameterDirection.Input;
ocm.Parameters["i_dstdwacntno"].Value = item.DSTDWACNTNO;
ocm.Parameters.Add("i_remark", OracleDbType.Varchar2).Direction = ParameterDirection.Input;
ocm.Parameters["i_remark"].Value = item.REMARK;
ocm.Parameters.Add("i_amount", OracleDbType.Decimal).Direction = ParameterDirection.Input;
ocm.Parameters["i_remark"].Value = 0;//todo:现在没有这个参数,后面添上
ocm.Parameters.Add("o_errCode", OracleDbType.Int32).Direction = ParameterDirection.Output;
ocm.Parameters.Add("o_errtext", OracleDbType.Varchar2, 100).Direction = ParameterDirection.Output;
ocm.ExecuteNonQuery();
errCode = ocm.Parameters["o_errCode"] == null ? 0 : Convert.ToInt32(ocm.Parameters["o_errCode"].Value.ToString());
errText = ocm.Parameters["o_errtext"] == null || ocm.Parameters["o_errtext"].Value == null ? null : ocm.Parameters["o_errtext"].Value.ToString();
}
var errInfo = errText;
this.SaveResult(item.TRANSACTNO, errCode, errText);
errInfo += errText;
ShowResult(item.REMARK, errInfo);
#endregion
} catch (Exception error) {
errCode = 99000;
errText = string.Format("获取视图uvw_todo_grzy内容时发生异常:{0}", error.Message);
ShowResult(item.REMARK, errText);
WriteLog.Instance.Write(errText, strProcedureName);
} finally {
WriteLog.Instance.WriteEndSplitter(strProcedureName);
}
}
public MainForm(OracleConnection connection)
{
this.connection = connection;
InitializeComponent();
InitializeProjectList();
}
public static void EmailAlertCommon(Int16 EmailID, ArrayList List, String Status)
{
try
{
//return;
string EmailPrifix = WebConfigurationManager.AppSettings["EmailSubjectPrifix"].ToString();
EmailPrifix = " - " + EmailPrifix + " - ";
String To = "";
String Cc = "";
String DisplayName = "";
String Subject = "";
String Body = "";
OracleConnection conn_GetUserRole = new OracleConnection(ConfigurationManager.ConnectionStrings["ORAWF"].ToString());
conn_GetUserRole.Open();
OracleCommand cmd = conn_GetUserRole.CreateCommand();
cmd.CommandText = " select t.email_to_list,t.email_cc_list,t.email_display_name,t.email_subject,t.email_body from " +
" fas_ibt_email_alerts t where t.Email_id = '" + EmailID + "' and t.effective_end_date is null";
OracleDataAdapter oda = new OracleDataAdapter(cmd);
DataTable dt = new DataTable();
DataTable dt2 = new DataTable();
oda.Fill(dt);
//Database having values
To = dt.Rows[0]["email_to_list"].ToString().Replace(";", ",") + ",";
Cc = dt.Rows[0]["email_cc_list"].ToString().Replace(";", ",") + ",";
//DisplayName = dt.Rows[0]["email_display_name"].ToString()+"Testing Only";
//Subject = dt.Rows[0]["email_subject"].ToString()+"Testing Only";
DisplayName = dt.Rows[0]["email_display_name"].ToString() + EmailPrifix;
Subject = dt.Rows[0]["email_subject"].ToString() + EmailPrifix;
Body = dt.Rows[0]["email_body"].ToString() + EmailPrifix;
//-------------MRP ERROR LIST--------------
if (List != null)
{
Body = "<html><body><table>";
Body += "<tr bgcolor=" + "#7C9CB6" + ">" +
"<td><font face=" + "Tahoma" + " size=" + "-1>Serial Number</font></td></tr>";
foreach (var item in List)
{
Body += "<tr bgcolor=" + "#CCCCCC" + ">" +
"<td><font face=" + "Tahoma" + " size=" + "-1>" + item + "</font></td></tr>";
}
Body += "</table></html></body>";
}
else
{
if (EmailID == 5)//If Statement Upload then bind the account number
{
Body = dt.Rows[0]["email_body"].ToString() + " - " + EmailPrifix + Status;
}
else
{
Body = dt.Rows[0]["email_body"].ToString() + EmailPrifix;
}
}
//-----------------------------------------
MailMessage message = new MailMessage();
MailAddress from = new MailAddress("*****@*****.**", DisplayName);
String OriginTO = To;
for (int i = 0; i < OriginTO.Length; i++)
{
String Temp = OriginTO.Substring(0, OriginTO.IndexOf(",") + 1);
if (Temp == "")
{
break;
}
OriginTO = OriginTO.Replace(Temp, "");
MailAddress to = new MailAddress(Temp.Replace(",", ""));
message.To.Add(to);
}
String OriginCC = Cc;
for (int i = 0; i < OriginCC.Length; i++)
{
String Temp = OriginCC.Substring(0, OriginCC.IndexOf(",") + 1);
if (Temp == "")
{
break;
}
OriginCC = OriginCC.Replace(Temp, "");
MailAddress cc = new MailAddress(Temp.Replace(",", ""));
message.CC.Add(cc);
}
message.From = from;
message.Subject = Subject;
if (List != null)
{
message.IsBodyHtml = true;
}
message.Body = @Body;
SmtpClient client = new SmtpClient("smtp2.hnbassurance.com");
client.Credentials = new System.Net.NetworkCredential("misreports", "Water@1234");
client.Send(message);
}
catch (Exception)
{
throw;
}
}
/// <summary>
/// 将考勤记录导入数据库.
/// </summary>
/// <param name="xlsFilePath"></param>
/// <param name="randomStr"></param>
/// <param name="pb"></param>
/// <returns></returns>
public static MSG ImportAttendanceRecordToDB(string xlsFilePath, string randomStr, BackgroundWorker bgWork)
{
string excelName = Usual_Excel_Helper.getExcelName(xlsFilePath);
bgWork.ReportProgress(0, string.Format(@"lblPrompt.Text = {0},准备读取:", excelName));
int pbLength = 0;
bgWork.ReportProgress(pbLength, "pb.Maximum");
int pbValue = 0;
bgWork.ReportProgress(pbValue, "pb.Value");
MSG msg = new MSG();
//用于确定本月最后一天.
Stack <int> sDate = new Stack <int>();
//Queue<AttendanceR> qAttendanceR = new Queue<AttendanceR>();
Queue <AttendanceRecordDetail> qARDetail = new Queue <AttendanceRecordDetail>();
AttendanceRecordDetail._random_str = randomStr;
//按指纹日期
string fingerPrintDate = String.Empty;
//行最大值.
int rowsMaxCount = 0;
int colsMaxCount = 0;
Usual_Excel_Helper uEHelper = null;
MyExcel myExcel = new MyExcel(xlsFilePath);
//打开该文档。
myExcel.openWithoutAlerts();
//只获取第一个表格。
Worksheet ws = myExcel.getFirstWorkSheetAfterOpen();
bgWork.ReportProgress(0, string.Format(@"lblPrompt.Text = {0},正在读取:", excelName));
AttendanceRecordDetail._file_path = xlsFilePath;
//行;列最大值 赋值.
rowsMaxCount = ws.UsedRange.Rows.Count;
colsMaxCount = ws.UsedRange.Columns.Count;
AttendanceRecordDetail._sheet_name = ws.Name;
//判断首行是否为 考勤记录表;以此判断此表是否为考勤记录表.
string A1Str = ((Range)ws.Cells[1, 1]).Text.ToString().Trim().Replace("\n", "").Replace("\r", "").Replace(" ", "");
if (String.IsNullOrEmpty(A1Str))
{
msg.Msg = "工作表的A1单元格不能为空!";
msg.Flag = false;
myExcel.close();
return(msg);
}
//如果A1Str的内容不包含"考勤记录表"5个字。
if (!A1Str.Contains("考勤记录表"))
{
msg.Msg = "A1内容未包含'考勤记录表'";
msg.Flag = false;
myExcel.close();
return(msg);
}
#region 判断名称中是否区分了考勤记录。
string Seq_Attendance_Record = string.Empty;
int indexOfFullStop = xlsFilePath.LastIndexOf(".");
Seq_Attendance_Record = xlsFilePath.Substring(indexOfFullStop - 1, 1);
if (!CheckPattern.CheckNumber(Seq_Attendance_Record))
{
msg.Msg = "考勤记录表名称请以数字结尾!";
msg.Flag = false;
myExcel.close();
return(msg);
}
#endregion
AttendanceRecordDetail._prefix_Job_Number = excelName.Substring(excelName.Length - 1, 1).ToCharArray()[0];
string C3Str = ((Range)ws.Cells[3, 3]).Text.ToString().Trim();
// \0: 表空字符.
if (String.IsNullOrEmpty(C3Str))
{
msg.Msg = "异常: 考勤时间为空!";
msg.Flag = false;
myExcel.close();
return(msg);
}
//
string[] ArrayC3 = C3Str.Split('~');
if (ArrayC3.Length == 0)
{
msg.Msg = "异常: 考勤时间格式变更!";
msg.Flag = false;
myExcel.close();
return(msg);
}
AttendanceRecordDetail._start_date = ArrayC3[0].ToString().Trim().Replace('/', '-');
AttendanceRecordDetail._end_date = ArrayC3[1].ToString().Trim().Replace('/', '-');
//制表时间: L3 3行12列.
string L3Str = ((Range)ws.Cells[3, 12]).Text.ToString().Trim().Replace('/', '-');
if (String.IsNullOrEmpty(L3Str))
{
msg.Msg = "异常: 制表时间为空!";
msg.Flag = false;
myExcel.close();
return(msg);
}
//制表时间.
AttendanceRecordDetail._tabulation_time = L3Str;
//检查第4行是否为;考勤时间:
string A4Str = ((Range)ws.Cells[4, 1]).Text.ToString().Trim();
if (!"1".Equals(A4Str, StringComparison.CurrentCultureIgnoreCase))
{
msg.Msg = "异常: 第四行已变更!";
msg.Flag = false;
myExcel.close();
return(msg);
}
uEHelper = new Usual_Excel_Helper(ws);
//此刻不能删除,只是获取行号。
Queue <Range> rangeToDelQueue = new Queue <Range>();
//判断是否有空行。
for (int i = 5; i <= rowsMaxCount; i++)
{
if (uEHelper.isBlankRow(i))
{
//只要上一列不是
//删除掉此行。
//判断上一行中的A列是否为工号。
string temp = uEHelper.getSpecificCellValue("A" + (i - 1).ToString());
if ("工号:".Equals(temp))
{
//本行为空,上一行为工号行,则也统计。
continue;
}
//本行,为空,上一行非工号行。则删除本行。
Range rangeToDel = (Microsoft.Office.Interop.Excel.Range)uEHelper.WS.Rows[i, System.Type.Missing];
//不为工号
rangeToDelQueue.Enqueue(rangeToDel);
}
;
}
Range rangeToDelete;
//开始删除空行。
while (rangeToDelQueue.Count > 0)
{
rangeToDelete = rangeToDelQueue.Dequeue();
rangeToDelete.Delete(XlDeleteShiftDirection.xlShiftUp);
}
;
rowsMaxCount = ws.UsedRange.Rows.Count;
//进度条长度增加。
pbLength += colsMaxCount;
pbLength += (colsMaxCount * (rowsMaxCount - 5 + 1));
bgWork.ReportProgress(pbLength, "pb.Maximum");
//入队列值0
sDate.Push(0);
//显示进度条。
//考勤表中第4行,某月的最大考勤天数。
//lblPrompt.Text = excelName + ",正在读取:";
int actualMaxDay = 0;
//开始循环
for (int i = 1; i <= colsMaxCount; i++)
{
A4Str = ((Range)ws.Cells[4, i]).Text.ToString();
//碰到第4行某列为空,退出循环。
if (String.IsNullOrEmpty(A4Str))
{
break;
}
int aDate = 0;
//对A4Str进行分析.
if (!Int32.TryParse(A4Str, out aDate))
{
msg.Msg = String.Format(@"异常: 考勤日期行第{0}列出现非数字内容!", aDate);
msg.Flag = false;
myExcel.close();
return(msg);
}
//判断新增的日期是否大于上一个.
if (aDate <= sDate.Peek())
{
//跳出循环.
break;
}
actualMaxDay++;
sDate.Push(aDate);
//pb.Value++;
bgWork.ReportProgress(pbValue++, "pb.Value");
}
//取其中的最小值。
colsMaxCount = Math.Min(sDate.Count - 1, actualMaxDay);
//考勤日期
fingerPrintDate = AttendanceRecordDetail._start_date.Substring(0, 7).Replace('/', '-');
string tempStr = string.Empty;
//开始循环
for (int colIndex = 1; colIndex <= colsMaxCount; colIndex++)
{
//从第5行开始.
//奇数;偶数行共用一个对象.
AttendanceRecordDetail ARDetail = null;
//设定用于填充的对象
AttendanceRecordDetail._prefix_Job_Number = Seq_Attendance_Record.ToCharArray()[0];
for (int rowIndex = 5; rowIndex <= rowsMaxCount; rowIndex++)
{
//如果行数为奇数则为工号行.
if (rowIndex % 2 == 1)
{
//工号行.
//取工号
ARDetail = new AttendanceRecordDetail();
ARDetail.Job_number = ((Range)ws.Cells[rowIndex, 3]).Text.ToString().Trim();
//自行拼凑AR.
ARDetail.combine_Job_Number();
//取姓名: K5
ARDetail.Name = ((Range)ws.Cells[rowIndex, Usual_Excel_Helper.getColIndexByStr("K")]).Text.ToString().Trim();
//取部门: U5
ARDetail.Dept = ((Range)ws.Cells[rowIndex, Usual_Excel_Helper.getColIndexByStr("U")]).Text.ToString().Trim();
//部门为空,则填充为NULL;
ARDetail.Dept = !String.IsNullOrEmpty(ARDetail.Dept) ? ARDetail.Dept : "NULL";
//取日期.填充0;
ARDetail.Fingerprint_date = fingerPrintDate + "-" + colIndex.ToString().PadLeft(2, '0');
}
else
{
//偶数行取考勤结果.
//上班时间. 如B10;
tempStr = ((Range)ws.Cells[rowIndex, colIndex]).Text.ToString().Trim();
string tempFirstTime = String.Empty;
string tempLastTime = String.Empty;
List <string> strTimeList = null;
msg = getFPTimeReturnMSG(tempStr, out strTimeList);
if (!msg.Flag)
{
msg.Msg = string.Format(@"导入失败,提交数据尚未开始:第{0}行{1}列,{1}!", rowIndex, colIndex, msg.Msg);
myExcel.close();
return(msg);
}
;
//无打卡记录,不提交
if (strTimeList.Count == 0)
{
qARDetail.Enqueue(ARDetail);
}
//有打卡记录
for (int i = 0; i < strTimeList.Count; i++)
{
AttendanceRecordDetail ARDetailTemp = (AttendanceRecordDetail)CloneObject.Clone(ARDetail);
ARDetailTemp.Finger_print_time = ARDetailTemp.Fingerprint_date + " " + strTimeList[i].ToString();
qARDetail.Enqueue(ARDetailTemp);
}
}
//pb.Value++;
bgWork.ReportProgress(pbValue++, "pb.Value");
}
}
//释放对象
myExcel.close();
System.Threading.Thread.Sleep(2000);
GC.Collect();
GC.WaitForPendingFinalizers();
//lblResult.Text = "";
bgWork.ReportProgress(0, "lblResult.Text = ''");
//lblPrompt.Text = "提交数据: ";
bgWork.ReportProgress(0, string.Format(@"lblPrompt.Text = {0}, 提交数据:", excelName));
//
bgWork.ReportProgress(qARDetail.Count, "pb.Maximum");
//*******/
pbValue = 0;
bgWork.ReportProgress(pbValue, "pb.Value");
#region
//OracleDaoHelper.noLogging("Attendance_Record");
OracleDaoHelper.noLogging("Attendance_Record_Detail");
OracleConnection conn = OracleConnHelper.getConn();
OracleTransaction tran = conn.BeginTransaction();
//保存对象
while (qARDetail.Count > 0)
{
try
{
AttendanceRecordDetail aRDetail = qARDetail.Dequeue();
affectedCount += aRDetail.saveBySpecificConn(conn);
//pb.Value++;
bgWork.ReportProgress(pbValue++, "pb.Value");
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString(), "提示:", MessageBoxButtons.OK, MessageBoxIcon.Error);
msg.Msg = DirectoryHelper.getFileName(xlsFilePath) + ":导入失败; " + ex.ToString();
msg.Flag = false;
tran.Rollback();
conn.Close();
conn.Dispose();
return(msg);
throw;
}
}
tran.Commit();
conn.Close();
conn.Dispose();
#endregion
//OracleDaoHelper.logging("Attendance_Record");
OracleDaoHelper.logging("Attendance_Record_Detail");
msg.Flag = true;
msg.Msg = String.Format(@"导入完成;总计{0}条.", affectedCount.ToString());
return(msg);
}
//Searching through NAME
void teachoffname()
{
//Searching through NAME
pictureBox1.Image = JIST.Properties.Resources.Users_icon;
String str = "Data Source=localhost:1521/xe;user id=IMS;password=enteryourchoice";
OracleConnection con = new OracleConnection(str);
string query = "select p.photograph as IMGts.tsid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,ts.designation as \"Designation \",ts.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,teaching_staff ts where ts.pid=p.pid order by fname,mname,lname";
string query1 = "select p.photograph as IMG,os.staffid as ID,upper(p.fname)||' '||upper(p.mname)||' '||upper(p.lname) as Full_Name,os.designation as \"Designation \",os.salary as \"Salary \",to_char(p.DOA,'dd/MON/yyyy') as Date_of_Joining,p.gender as Gender from person p,office_staff os where os.pid=p.pid order by fname,mname,lname";
OracleCommand cmd = new OracleCommand(query, con);
OracleCommand cmd1 = new OracleCommand(query1, con);
try
{
OracleDataAdapter oda = new OracleDataAdapter();
OracleDataAdapter oda1 = new OracleDataAdapter();
oda.SelectCommand = cmd;
oda1.SelectCommand = cmd1;
DataTable dbt, dbt1;
dbt = new DataTable();
dbt1 = new DataTable();
if (comboBox2.Text == "Teaching Staff")
{
oda.Fill(dbt);
DataView DV = new DataView(dbt);
DV.RowFilter = string.Format("Full_Name like '%{0}%'", textBox2.Text);
dataGridView1.DataSource = DV;
}
else
{
oda1.Fill(dbt1);
DataView DV1 = new DataView(dbt1);
DV1.RowFilter = string.Format("Full_Name like '%{0}%'", textBox2.Text);
dataGridView1.DataSource = DV1;
}
this.dataGridView1.Columns["Full_Name"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleCenter;
this.dataGridView1.Columns["Full_Name"].AutoSizeMode = DataGridViewAutoSizeColumnMode.Fill;
this.dataGridView1.Columns["Designation "].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Designation "].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Salary "].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Salary "].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Gender"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Gender"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["Date_of_Joining"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["Date_of_Joining"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
this.dataGridView1.Columns["ID"].HeaderCell.Style.Alignment = DataGridViewContentAlignment.MiddleLeft;
this.dataGridView1.Columns["IMG"].AutoSizeMode = DataGridViewAutoSizeColumnMode.ColumnHeader;
if (this.dataGridView1.Columns["IMG"] is DataGridViewImageColumn)
{
((DataGridViewImageColumn)dataGridView1.Columns["IMG"]).ImageLayout = DataGridViewImageCellLayout.Zoom;
}
this.dataGridView1.EnableHeadersVisualStyles = false;
this.dataGridView1.ColumnHeadersDefaultCellStyle.Font = new Font("ARIAL", 9, FontStyle.Bold);
this.dataGridView1.ColumnHeadersDefaultCellStyle.ForeColor = Color.Blue;
this.dataGridView1.ColumnHeadersDefaultCellStyle.BackColor = Color.MistyRose;
this.dataGridView1.DefaultCellStyle.BackColor = Color.LightCyan;
this.dataGridView1.DefaultCellStyle.Font = new Font("ARIAL", 9, FontStyle.Bold);
this.dataGridView1.DefaultCellStyle.ForeColor = Color.Red;
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
public MarcaRepository(ConnectionManager connection)
{
_connection = connection._conexion;
}
private OracleConnector(string connectStr, OracleConnection conn)
{
this.conn = conn;
this.ConnectionStr = connectStr;
}
private void _open(Type dbtype_, string server, string dbname_, string user, string passwd)
{
dbtype = dbtype_;
dbname = dbname_;
if (String.IsNullOrEmpty(dbname))
{
throw new ArgumentException("No Database name");
}
if (dbname == DEFAULT_DATABASE)
{
switch (dbtype)
{
#if USE_MYSQL
case Type.MySQL:
dbname = "mysql";
break;
#endif
#if USE_POSTGRESQL
case Type.PostgreSQL:
dbname = "postgres";
break;
#endif
default:
dbname = "";
break;
}
}
StringBuilder constr = new StringBuilder();
switch (dbtype)
{
#if USE_MYSQL
case Type.MySQL:
constr.Append("Server=");
constr.Append(server);
constr.Append(";Database=");
constr.Append(dbname);
constr.Append(";Uid=");
constr.Append(user);
constr.Append(";Pwd=");
constr.Append(passwd);
constr.Append(";CharSet=utf8");
break;
#endif
#if USE_ORACLE
case Type.Oracle:
constr.Append("User ID=");
constr.Append(user);
constr.Append(";Password="******";Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=");
constr.Append(server);
constr.Append(")(PORT=1521))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=");
constr.Append(dbname);
constr.Append(")))");
break;
#endif
#if USE_POSTGRESQL
case Type.PostgreSQL:
constr.Append("Server=");
constr.Append(server);
constr.Append(";Port=5432;User Id=");
constr.Append(user);
constr.Append(";Password="******";Pooling=False");
constr.Append(";Encoding=UNICODE");
constr.Append(";Database=");
constr.Append(dbname);
break;
#endif
default:
// go through.
break;
}
//log("Open "+constr.ToString());
switch (dbtype)
{
#if USE_MYSQL
case Type.MySQL:
con = new MySqlConnection(constr.ToString());
break;
#endif
#if USE_ORACLE
case Type.Oracle:
con = new OracleConnection(constr.ToString());
break;
#endif
#if USE_POSTGRESQL
case Type.PostgreSQL:
con = new NpgsqlConnection(constr.ToString());
break;
#endif
default:
throw new ArgumentException("Unsupported DB type");
}
con.Open();
fetchConnectionId();
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
tainted_2 = Console.ReadLine();
tainted_3 = tainted_2;
if ((Math.Pow(4, 2) >= 42))
{
{}
}
else if (!(Math.Pow(4, 2) >= 42))
{
StringBuilder escape = new StringBuilder();
for (int i = 0; i < tainted_2.Length; ++i)
{
char current = tainted_2[i];
switch (current)
{
case '\\':
escape.Append(@"\5c");
break;
case '*':
escape.Append(@"\2a");
break;
case '(':
escape.Append(@"\28");
break;
case ')':
escape.Append(@"\29");
break;
case '\u0000':
escape.Append(@"\00");
break;
case '/':
escape.Append(@"\2f");
break;
default:
escape.Append(current);
break;
}
}
tainted_3 = escape.ToString();
}
//flaw
string query = "SELECT * FROM '" + tainted_3 + "'";
string connectionString = "Data Source=localhost;User ID=oracle_user;Password=oracle_password";
OracleConnection dbConnection = null;
try{
dbConnection = new OracleConnection(connectionString);
dbConnection.Open();
OracleCommand cmd = dbConnection.CreateCommand();
cmd.CommandText = query;
OracleDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Console.WriteLine(reader.ToString());
}
dbConnection.Close();
}catch (Exception e) {
Console.WriteLine(e.ToString());
}
}
private void OpenConnection(out Int32 iErrorId, out string sErrorMsg)
{
connDAL = new ConnectionDAL();
orlConn = connDAL.Open(out iErrorId, out sErrorMsg);
}
public static void Main(string[] args)
{
string tainted_2 = null;
string tainted_3 = null;
string tainted_4 = null;
Process process = new Process();
process.StartInfo.FileName = "/bin/bash";
process.StartInfo.Arguments = "-c 'cat /tmp/tainted.txt'";
process.StartInfo.UseShellExecute = false;
process.StartInfo.RedirectStandardOutput = true;
process.Start();
using (StreamReader reader = process.StandardOutput) {
tainted_2 = reader.ReadToEnd();
process.WaitForExit();
process.Close();
}
tainted_4 = tainted_2;
string pattern = @"/^[0-9]*$/";
Regex r = new Regex(pattern);
Match m = r.Match(tainted_2);
if (!m.Success)
{
tainted_3 = "";
}
else
{
tainted_3 = tainted_2;
}
Class_31272 var_31272 = new Class_31272(tainted_3);
tainted_4 = var_31272.get_var_31272();
string query = "SELECT * FROM Articles WHERE id=" + tainted_4;
string connectionString = "Data Source=localhost;User ID=oracle_user;Password=oracle_password";
OracleConnection dbConnection = null;
try{
dbConnection = new OracleConnection(connectionString);
dbConnection.Open();
OracleCommand cmd = dbConnection.CreateCommand();
cmd.CommandText = query;
OracleDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Console.WriteLine(reader.ToString());
}
dbConnection.Close();
}catch (Exception e) {
Console.WriteLine(e.ToString());
}
}
//NOTE: Because this is a "Dependency Injection Oriented Package"
//we need to pass the database connection and the SQL Generator as parameters
public GradoviOpcineRepository(OracleConnection connection, ISqlGenerator <GradoviOpcine> sqlGenerator)
: base(connection, sqlGenerator)
{
}
public int ShowTheConditionTable(string FromName, string ConditionShow, string man, string Keyword, out List <DataTableMember> TempTableInfoList)
{
int result = 0;
try
{
OracleConnection Conn = new OracleConnection(OracleLink);
if (Conn.State == ConnectionState.Closed)
{
Conn.Open();
}
List <DataTableMember> tempInfoMeter = new List <DataTableMember>();
if (Keyword.Substring(0, 1) == "E" || Keyword.Substring(0, 1) == "F" || Keyword.Contains("ZP") || Keyword.Contains("ZF"))
{
//string sql = "SELECT * FROM Vt_Sb_Jkzdjcjl WHERE to_char(JDRQ,'yyyy/MM/dd HH24:MI:SS') BETWEEN '" + ConditionShow + "' AND '" + endTime + " ' AND JDRYBH = '" + man + "' ORDER BY JDRQ,to_number(BW)";
string sql = "SELECT * FROM Vt_Sb_Jkzdjcjl WHERE ZCBH ='" + ConditionShow + "' ORDER BY JDRQ DESC";
OracleCommand adp = new OracleCommand(sql, Conn);
OracleDataReader myReader = null;
myReader = adp.ExecuteReader();
int count = 0;
List <DataTableMember> tempInfoQF = new List <DataTableMember>();
while (myReader.Read())
{
count++;
if (count != 1)
{
tempInfoMeter.Add(new DataTableMember()
{
ID = count,
StrJlbh = myReader["ZCBH"].ToString(),
StrJdjl = myReader["JCJLDM"].ToString(),
StrGZDBH = myReader["GZDBH"].ToString(),
StrWD = myReader["WD"].ToString(),
StrSD = myReader["SD"].ToString(),
IntMeterNum = Convert.ToInt32(myReader["BW"]),
StrJdrq = myReader["JDRQ"].ToString(),
StrJyy = myReader["JDRYBH"].ToString(),
StrJddw = myReader["BZ"].ToString(),
StrHyy = myReader["HYRYBH"].ToString(),
StrBZZZZCBH = myReader["BZZZZCBH"].ToString(),
// StrTestType=myReader["chrTestType"].ToString(),
// StrBlx=myReader["chrblx"].ToString(),
// StrBmc=myReader["chrBmc"].ToString(),
// StrUb=myReader["chrUb"].ToString(),
// StrIb=myReader["chrIb"].ToString(),
// StrMeterLevel=myReader["chrBdj"].ToString(),
// StrManufacture=myReader["chrZzcj"].ToString(),
//StrWcResult=myReader["chrJbwc"].ToString(),
//StrShellSeal = myReader["chrQianFeng1"].ToString(),
//StrCodeSeal = myReader["chrQianFeng2"].ToString(),
});
}
}
}
else
{
string sql = "SELECT * FROM " + FromName + " WHERE ZCBH ='" + ConditionShow + "' ORDER BY JDRQ DESC ";
OracleCommand adp = new OracleCommand(sql, Conn);
OracleDataReader myReader = null;
myReader = adp.ExecuteReader();
int count = 0;
List <DataTableMember> tempInfoQF = new List <DataTableMember>();
while (myReader.Read())
{
count++;
if (count != 1)
{
tempInfoMeter.Add(new DataTableMember()
{
ID = count,
StrJlbh = myReader["ZCBH"].ToString(),
StrJdjl = myReader["JDJLDM"].ToString(),
StrGZDBH = myReader["GZDBH"].ToString(),
StrWD = myReader["WD"].ToString(),
StrSD = myReader["SD"].ToString(),
IntMeterNum = Convert.ToInt32(myReader["BW"]),
StrJdrq = myReader["JDRQ"].ToString(),
StrJyy = myReader["JDRYBH"].ToString(),
StrJddw = myReader["BZ"].ToString(),
StrHyy = myReader["HYRYBH"].ToString(),
StrBZZZZCBH = myReader["BZZZZCBH"].ToString(),
// StrTestType=myReader["chrTestType"].ToString(),
// StrBlx=myReader["chrblx"].ToString(),
// StrBmc=myReader["chrBmc"].ToString(),
// StrUb=myReader["chrUb"].ToString(),
// StrIb=myReader["chrIb"].ToString(),
// StrMeterLevel=myReader["chrBdj"].ToString(),
// StrManufacture=myReader["chrZzcj"].ToString(),
//StrWcResult=myReader["chrJbwc"].ToString(),
//StrShellSeal = myReader["chrQianFeng1"].ToString(),
//StrCodeSeal = myReader["chrQianFeng2"].ToString(),
});
}
}
}
TempTableInfoList = tempInfoMeter;
return(result);
}
catch (Exception e)
{
TempTableInfoList = null;
return(-1);
}
}
public IDbConnection GetConnection()
{
var conn = new OracleConnection(_connectionString);
return(conn);
}
private void bidbtn_Click(object sender, EventArgs e)
{
if (string.IsNullOrWhiteSpace(bidval.Text.ToString()))
{
MessageBox.Show("Please Enter Value !");
}
else
{
using (con = new OracleConnection(ordb))
{
int maxVal = 0;
con.Open();
OracleCommand cmd = new OracleCommand();
cmd.Connection = con;
cmd.CommandText = "getMAxValue";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("id", GlobalID.AucID);
cmd.Parameters.Add("val", OracleDbType.Int32, ParameterDirection.Output);
try
{
cmd.ExecuteNonQuery();
maxVal = Convert.ToInt32(cmd.Parameters["val"].Value.ToString());
//MessageBox.Show(maxVal.ToString());
}
catch
{
maxVal = Convert.ToInt32(bidval.Text.ToString());
ReLoad();
}
if (Convert.ToInt32(bidval.Text.ToString()) > maxVal)
{
int balance = 0;
OracleCommand bids = new OracleCommand();
bids.Connection = con;
bids.CommandText = "select user_id from bidder_auctions where USER_ID = :uid and AUC_ID = :aid";
bids.CommandType = CommandType.Text;
bids.Parameters.Add("uid", GlobalID.ID);
bids.Parameters.Add("aid", GlobalID.AucID);
OracleDataReader drb = cmd.ExecuteReader();
if (true)
{
OracleCommand check = new OracleCommand();
check.Connection = con;
check.CommandText = "select balance from users where user_id = :id";
check.CommandType = CommandType.Text;
check.Parameters.Add("id", GlobalID.ID);
OracleDataReader drcheck = check.ExecuteReader();
while (drcheck.Read())
{
balance = Convert.ToInt32(drcheck[0].ToString());
}
drcheck.Close();
if (balance < Convert.ToInt32(bidval.Text.ToString()))
{
MessageBox.Show("In Sufficient Balance!!!");
return;
}
OracleCommand update = new OracleCommand();
update.Connection = con;
update.CommandText = @"update BIDDER_AUCTIONS
set value = :valn
where auc_id = :auctid
and user_id = :useid";
update.CommandType = CommandType.Text;
update.Parameters.Add("valn", Convert.ToInt32(bidval.Text.ToString()));
update.Parameters.Add("auctid", GlobalID.AucID);
update.Parameters.Add("useid", GlobalID.ID);
int ret = update.ExecuteNonQuery();
if (ret == 0)
{
OracleCommand insert = new OracleCommand();
insert.Connection = con;
insert.CommandText = "insert into BIDDER_AUCTIONS values (:aucid,:userid,:newval)";
insert.CommandType = CommandType.Text;
insert.Parameters.Add("aucid", GlobalID.AucID);
insert.Parameters.Add("userid", GlobalID.ID);
insert.Parameters.Add("newval", Convert.ToInt32(bidval.Text.ToString()));
insert.ExecuteNonQuery();
MessageBox.Show("inserted!!");
ReLoad();
}
else
{
MessageBox.Show("Updated!!");
ReLoad();
}
}
}
else
{
MessageBox.Show("Please Enter Big Value");
return;
}
}
}
}
public string[] GetSearchItems(string prefix)
{
List<string> items = new List<string>();
using (OracleConnection conn = new OracleConnection())
{
conn.ConnectionString = ConfigurationManager
.ConnectionStrings["Bazi"].ConnectionString;
using (OracleCommand cmd = new OracleCommand())
{
cmd.CommandText = "select ime,igraid from Igra where upper(ime) like upper(:SearchText)||'%'";
cmd.Parameters.Add(new OracleParameter("SearchText", prefix));
cmd.Connection = conn;
conn.Open();
using (OracleDataReader sdr = cmd.ExecuteReader())
{
while (sdr.Read())
{
items.Add(string.Format("{0}`{1} Game", sdr.GetString(0), sdr.GetInt64(1)));
}
}
cmd.CommandText = "select IMEMODEL,HARDID from HARDVERPROIZVOD where upper(IMEMODEL) like upper(:SearchText)||'%'";
using (OracleDataReader rdr = cmd.ExecuteReader())
{
while (rdr.Read())
{
items.Add(string.Format("{0}`{1} Hardware", rdr.GetString(0), rdr.GetInt64(1)));
}
}
conn.Close();
}
return items.ToArray();
}
}