C# (CSharp) PreventSQLInjection примеры использования

Язык программирования: C# (CSharp)

Класс/Тип: PreventSQLInjection

Примеров на hotexamples.com: 5

C# (CSharp) PreventSQLInjection - 5 примеров найдено. Это лучшие примеры C# (CSharp) кода для PreventSQLInjection, полученные из open source проектов. Вы можете ставить оценку каждому примеру, чтобы помочь нам улучшить качество примеров.

Основные методы

Показать Скрыть

ClearSQLInjectionInAllControls(4)

FilterSQLString(1)

Пример #1

Показать файл

        /// <summary>
        /// Thuc hien cap nhat thong tin nguoi dung
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void btnSave_Click(object sender, EventArgs e)
        {
            if (UID > 0)
            {
                UserAccount user = db.UserAccounts.SingleOrDefault <UserAccount>(u => u.UserId == UID);
                if (user != null)
                {
                    PreventSQLInjection.ClearSQLInjectionInAllControls(this.Controls);
                    SysUser sUser = user.SysUser;
                    sUser.Address      = txtAddress.Text.Trim();
                    sUser.FirstSurName = txtHoLot.Text.Trim();
                    sUser.Cell         = txtPhone.Text.Trim();
                    sUser.LastName     = txtTen.Text.Trim();

                    db.SubmitChanges();
                }
            }
        }

Пример #2

Показать файл

Файл: pages.ascx.cs Проект: manyud351/SoKHCN

        private void SavePortalPage()
        {
            txtPageName.Text = PreventSQLInjection.FilterSQLString(txtPageName.Text);
            PortalPage st = null;
            //
            int Order = 1;

            if (rntOrder.Value.HasValue)
            {
                Order = (int)rntOrder.Value.Value;
            }
            short level        = 1;
            bool  IsUpdateMode = false;

            if (PortalPageId > 0)
            {
                st = db.PortalPages.SingleOrDefault <PortalPage>(s => s.Id == PortalPageId);
            }
            //
            if (st == null)
            {
                st = new PortalPage();
            }
            else
            {
                Order        = st.Order.Value;
                level        = st.PageLevel.Value;
                IsUpdateMode = true;
            }
            //
            st.PageName        = txtPageName.Text;
            st.PageDisplayName = txtPageName.Text;
            //tao so thu tu va cap menu tu dong
            if (rcbParentPage.SelectedIndex > 0)
            {
                int        parentid = Convert.ToInt32(rcbParentPage.SelectedValue);
                PortalPage sibling  = (from s in db.PortalPages
                                       where s.ParentPageId == parentid
                                       orderby s.Order descending
                                       select s).FirstOrDefault <PortalPage>();
                st.ParentPageId = parentid;

                if (sibling != null)
                {
                    //neu nguoi dung khong chu dong nhap so thu tu hien thi thi tinh toan so thu tu hien thi
                    //bang cach cong them 1 don vi vao so thu tu cua cac danh muc cung cap
                    if (!rntOrder.Value.HasValue)
                    {
                        Order = sibling.Order.Value + 1;
                    }
                    level = sibling.PageLevel.Value;
                }
                else
                {
                    PortalPage parent = db.PortalPages.SingleOrDefault <PortalPage>(s => s.Id == parentid);
                    if (parent != null)
                    {
                        level = (short)(parent.PageLevel.Value + 1);
                    }
                }
            }

            //proccess image
            if (fulIcon.HasFile)
            {
                //trong truong hop update --> xoa file cu tren dia cung truoc khi tien hanh upload
                if (!String.IsNullOrEmpty(st.Icon))
                {
                    System.IO.File.Delete(Server.MapPath(st.Icon));
                }
                string uploadFolder = "~/asset/icons/";
                //tao thu muc trong truong hop thu muc khong ton tai
                if (!System.IO.Directory.Exists(Server.MapPath(uploadFolder)))
                {
                    System.IO.Directory.CreateDirectory(Server.MapPath(uploadFolder));
                }
                //them 1 khoang trang vao cuoi chuoi de tao thuan loi cho viec tao ten file
                //sau khi tao ten file xong se bo khoang trang nay
                st.PageName += " ";
                //tao ten file theo cong thuc: tu dau tien trong ten danh muc + 5 ky tu ngau nhien
                string fileName = st.PageName.Substring(0, st.PageName.IndexOf(" ")) + "_" + Hash.GetRandomHashKey(5) + "." + NT.Lib.Globals.GetFileExtension(fulIcon.FileName);
                //bo khoang trang cuoi cung de tra lai ten ban dau
                st.PageName = st.PageName.Substring(0, st.PageName.Length - 1);

                //luu file vao dia va cap nhat vao DB
                st.Icon = uploadFolder + fileName;
                fulIcon.SaveAs(Server.MapPath(st.Icon));
            }
            //end proccess image

            st.Order          = Order;
            st.PageLevel      = level;
            st.Hidden         = false;
            st.ShowInMainMenu = ckbMainMenu.Checked;

            if (!IsUpdateMode)
            {
                db.PortalPages.InsertOnSubmit(st);
            }

            db.SubmitChanges();

            //clear cache
            Cache.Remove("pages");

            //LoadCategories();
            //txtCategoryName.Text = "";
            //rcbParentCategory.Items.Clear();
            //BindCategoriesToCombobox(0);
            //rcbParentCategory.Items.Insert(0, new RadComboBoxItem("", ""));
            Response.Redirect(Common.GenerateAdminUrl("pages"));
        }

Пример #3

Показать файл

Файл: News.ascx.cs Проект: manyud351/SoKHCN

        private void ProcessNewsContent()
        {
            NewsContent st             = null;
            bool        IsInUpdateMode = false;

            if (NewsId > 0)
            {
                st = db.NewsContents.SingleOrDefault <NewsContent>(s => s.Id == NewsId && s.UserId == UserId);
            }

            if (st == null)
            {
                st           = new NewsContent();
                st.ViewCount = 0;
                st.CreatedBy = UserInfo.UserAccount.AccountName;
            }
            else
            {
                //neu da duyet roi thi ko the cap nhat duoc nua
                if (st.ApprovementStatus >= (short)EnumNewsApprovementStatus.DaDuyetChuaXuatBan)
                {
                    Response.Redirect(Common.GenerateAdminUrl("news"));
                }
                IsInUpdateMode = true;
            }

            PreventSQLInjection.ClearSQLInjectionInAllControls(this);
            st.NewsTitle   = txtTieuDe.Text;
            st.Description = txtMoTa.Text;
            //st.Content = Editor1.MainEditor.Content;
            st.Content         = Editor1.MainEditor.Text;
            st.LastUpdatedTime = DateTime.Now;
            st.CategoryId      = Convert.ToInt32(rcbCategories.SelectedValue);
            //st.Hidden = !ckbShow.Checked;

            st.OriginAuthor = txtAuthor.Text;
            st.Source       = txtSource.Text;

            //upload hinh dai dien cua ban tin
            if (fulHinhAnh.HasFile)
            {
                //kiem tra kieu va kich co file
                //if ((NT.Lib.Globals.IsImageFile(fulHinhAnh.FileName)) && (fulHinhAnh.FileContent.Length <= SystemConfig.ApplicationConfig.MaxUserImageSizeUpload))
                if (NT.Lib.Globals.IsImageFile(fulHinhAnh.FileName))
                {
                    //xoa anh cu neu co (truong hop cap nhat)
                    if (!String.IsNullOrEmpty(st.ImagePath))
                    {
                        System.IO.File.Delete(Server.MapPath(st.ImagePath));
                    }

                    string uploadFolder = Server.MapPath(virtualUploadFolder + ThumbFolder);
                    if (!System.IO.Directory.Exists(uploadFolder))
                    {
                        System.IO.Directory.CreateDirectory(uploadFolder);
                    }

                    //tao chuoi ten file ngau nhien
                    string fileName = DateTime.Now.ToString("yyyyMMddHHmmss") + "_" + Hash.GetRandomHashKey(4) + "." + NT.Lib.Globals.GetFileExtension(fulHinhAnh.FileName);

                    //resize anh
                    System.Drawing.Image img        = System.Drawing.Image.FromStream(fulHinhAnh.PostedFile.InputStream);
                    System.Drawing.Image imgResized = Utilities.ResizeImage(img, SystemConfig.ApplicationConfig.News_MaxImageWidth, SystemConfig.ApplicationConfig.News_MaxImageWidth);
                    imgResized.Save(uploadFolder + fileName);//luu file vao o cung

                    //luu duong dan anh vao db
                    st.ImagePath = virtualUploadFolder + ThumbFolder + fileName;
                }
            }

            if (!ckbSend.Checked)
            {
                st.ApprovementStatus = (short)EnumNewsApprovementStatus.ChuaGui;
            }
            else
            {
                st.ApprovementStatus = (short)EnumNewsApprovementStatus.ChuaDuyet;
            }

            //auto publish news
            //st.ApprovementStatus = (short)EnumNewsApprovementStatus.DaXuatBan;
            //st.ShowInDropdownMenu = true;
            //st.ShowInFeature = ckbFeature.Checked;
            //st.ShowInMostView = true;
            //st.ShowInNewest = ckbNewest.Checked;
            //st.Hidden = false;
            //st.PublishFrom = DateTime.Now;
            //st.PublishTo = DateTime.MaxValue;

            if (!IsInUpdateMode)
            {
                //st.StoreId = StoreId;
                st.CreatedTime = st.LastUpdatedTime;
                st.UserId      = UserId;
                db.NewsContents.InsertOnSubmit(st);
            }

            db.SubmitChanges();

            //NT.Lib.Utilities.ClearAllInputControls(pnlAddNew.Controls);

            //ChangeMode(false);
            Response.Redirect(Common.GenerateAdminUrl("news"));
            //LoadNewsContent();
        }

Пример #4

Показать файл

        private void ProcessNewsContent()
        {
            NewsContent st = null;

            if (NewsId > 0)
            {
                st = db.NewsContents.SingleOrDefault <NewsContent>(s => s.Id == NewsId && (s.ApprovementStatus == (short)EnumNewsApprovementStatus.DaDuyetChuaXuatBan ||
                                                                                           s.ApprovementStatus == (short)EnumNewsApprovementStatus.ThuHoiTinDaXuatBan));
            }

            if (st == null)
            {
                return;
            }

            PreventSQLInjection.ClearSQLInjectionInAllControls(this);
            st.NewsTitle   = txtTieuDe.Text;
            st.Description = txtMoTa.Text;
            //st.Content = Editor1.MainEditor.Content;
            st.Content         = Editor1.MainEditor.Text;
            st.LastUpdatedTime = DateTime.Now;
            st.CategoryId      = Convert.ToInt32(rcbCategories.SelectedValue);
            st.Source          = txtSource.Text;
            st.OriginAuthor    = txtAuthor.Text;
            //st.Hidden = !ckbShow.Checked;

            //upload hinh dai dien cua ban tin
            if (fulHinhAnh.HasFile)
            {
                //kiem tra kieu va kich co file
                //if ((NT.Lib.Globals.IsImageFile(fulHinhAnh.FileName)) && (fulHinhAnh.FileContent.Length <= SystemConfig.ApplicationConfig.MaxUserImageSizeUpload))
                if (NT.Lib.Globals.IsImageFile(fulHinhAnh.FileName))
                {
                    //xoa anh cu neu co (truong hop cap nhat)
                    if (!String.IsNullOrEmpty(st.ImagePath))
                    {
                        System.IO.File.Delete(Server.MapPath(st.ImagePath));
                    }

                    string uploadFolder = Server.MapPath(virtualUploadFolder + ThumbFolder);
                    if (!System.IO.Directory.Exists(uploadFolder))
                    {
                        System.IO.Directory.CreateDirectory(uploadFolder);
                    }

                    //tao chuoi ten file ngau nhien
                    string fileName = DateTime.Now.ToString("yyyyMMddHHmmss") + "_" + Hash.GetRandomHashKey(4) + "." + NT.Lib.Globals.GetFileExtension(fulHinhAnh.FileName);

                    //resize anh
                    System.Drawing.Image img        = System.Drawing.Image.FromStream(fulHinhAnh.PostedFile.InputStream);
                    System.Drawing.Image imgResized = Utilities.ResizeImage(img, SystemConfig.ApplicationConfig.News_MaxImageWidth, SystemConfig.ApplicationConfig.News_MaxImageWidth);
                    imgResized.Save(uploadFolder + fileName);//luu file vao o cung

                    //luu duong dan anh vao db
                    st.ImagePath = virtualUploadFolder + ThumbFolder + fileName;
                }
            }

            NewsApprovementHistory apHis = new NewsApprovementHistory();

            apHis.NewsId = st.Id;

            if (ddlApprove.SelectedValue == "1")
            {
                st.ApprovementStatus = (short)EnumNewsApprovementStatus.DaXuatBan;
                apHis.IsApproved     = true;
            }
            else
            {
                st.ApprovementStatus = (short)EnumNewsApprovementStatus.KhongXuatBan;
                apHis.IsApproved     = false;
            }

            apHis.AppStatustId = st.ApprovementStatus;
            apHis.ApprovedBy   = UserInfo.UserAccount.AccountName;
            apHis.Comment      = txtApprovementDetail.Text;
            apHis.CreatedTime  = DateTime.Now;
            NewsApprovementHistory nah = db.NewsApprovementHistories.OrderByDescending <NewsApprovementHistory, DateTime>(nn => nn.CreatedTime.Value).FirstOrDefault <NewsApprovementHistory>(nnn => nnn.NewsId == st.Id);
            //Int16 lastSeq = (from na in db.NewsApprovementHistories where na.NewsId == st.Id orderby na.CreatedTime descending select na.Sequence.Value).Take(1).SingleOrDefault<Int16>();
            short lastSeq = 0;

            if (nah != null)
            {
                lastSeq = nah.Sequence.Value;
            }
            apHis.Sequence = (short)(lastSeq + 1);

            st.ShowInDropdownMenu = true;
            st.ShowInFeature      = ckbFeature.Checked;
            st.ShowInMostView     = ckbHot.Checked;
            st.ShowInNewest       = ckbNewest.Checked;
            st.Hidden             = false;
            st.PublishFrom        = DateTime.Now;
            st.PublishTo          = DateTime.MaxValue;


            db.NewsApprovementHistories.InsertOnSubmit(apHis);

            db.SubmitChanges();

            Response.Redirect(Common.GenerateAdminUrl("publishnews"));
        }

Пример #5

Показать файл

Файл: van-ban-phap-quy.ascx.cs Проект: manyud351/SoKHCN

        private void SearchVB()
        {
            PreventSQLInjection.ClearSQLInjectionInAllControls(this.divSearchCreteria.Controls);

            string strSQL        = "select vb.Id, SoHieu, TrichYeu, FileDinhKem, LoaiFile, CQBH, NgayBH, NgayHL, TenCoQuanBH, ConHieuLuc ";
            string strFromClause = " from VBPQ_VanBanChiTiet vb inner join VBPQ_CoQuanBH cq on vb.CQBH = cq.Id ";
            string strCreteria   = " where vb.DaDuyet = 1 ";
            string strOrder      = " order by NgayCapNhat desc";

            if (txtSoHieu.Text != "")
            {
                strCreteria += " and SoHieu like N'%" + txtSoHieu.Text + "%'";
            }
            if (txtTrichYeu.Text != "")
            {
                strCreteria += " and TrichYeu like N'%" + txtTrichYeu.Text.Replace(" ", "%") + "%'";
            }
            if (rdbConHL.Checked)
            {
                strCreteria += " and ConHieuLuc = 1";
            }
            if (rdbHetHL.Checked)
            {
                strCreteria += " and ConHieuLuc = 0";
            }

            if (ddlCQBH.SelectedIndex > 0)
            {
                strCreteria += " and CQBH = " + ddlCQBH.SelectedValue;
            }
            if (ddlLinhVuc.SelectedIndex > 0)
            {
                strCreteria += " and CQBH = " + ddlLinhVuc.SelectedValue;
            }
            if (ddlLoaiVB.SelectedIndex > 0)
            {
                strCreteria += " and CQBH = " + ddlLoaiVB.SelectedValue;
            }
            if (rdpFromDate.SelectedDate != null)
            {
                strCreteria += " and NgayBH >= '" + rdpFromDate.SelectedDate.Value.ToString() + "'";
            }
            if (rdpToDate.SelectedDate != null)
            {
                strCreteria += " and NgayBH <= '" + rdpToDate.SelectedDate.Value.ToString() + "'";
            }

            strSQL = strSQL + strFromClause + strCreteria + strOrder;

            //dung ADO.NET thay cho LINQ vi han che trong viec select du lieu tuy bien
            SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["SoKHCNCT"].ConnectionString);

            con.Open();
            //dem tat ca record
            string strCount    = "select count(vb.Id)  ";
            int    totalRecord = Convert.ToInt32(new SqlCommand(strCount + strFromClause + strCreteria, con).ExecuteScalar());

            SqlDataAdapter da     = new SqlDataAdapter(strSQL, con);
            DataTable      lstSTA = new DataTable();

            da.Fill(lstSTA);

            rptVBPQ.DataSource = lstSTA;
            rptVBPQ.DataBind();

            con.Close();
            con.Dispose();

            con.Close();


            //tao chuoi phan trang
            ltrPaging.Text = NT.Lib.Utilities.GenratePagingString(totalRecord, pageSize, CurrPage, pageShow, "Trang: ", "<span style=\'color:#000\'>{0}</span>", "<span style=\'color:#aaa\'>{0}</span>", "javascript:gotoPage({0})");
        }