/// <summary>
        /// Returns one page of rows from <paramref name="tableName"/> and reports the matching row count.
        /// The query runs only for a logged-on user and only when <paramref name="conditions"/> passes
        /// <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; checked with <c>UserIsLogon</c> and serialized into the rejection log.</param>
        /// <param name="recordCount">Value returned by <c>GetCount</c> for the same table and conditions; 0 when the query did not run.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to both queries.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The requested page, or <c>null</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): only <paramref name="conditions"/> is screened. <paramref name="tableName"/>,
        /// <paramref name="selectField"/> and <paramref name="orderBy"/> are forwarded to the data layer unchecked;
        /// if a client can influence them they need an allow-list, because identifiers cannot be bound as parameters.
        /// The implementation of <c>IsSqlSafe</c> is not visible here, so values should travel in
        /// <paramref name="dbParameters"/> rather than inside the condition text.
        /// A rejected or unauthenticated call is indistinguishable from "no data" for the caller (null, count 0).
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageNo, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            DataTable page = null;
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            var total = 0;
            // NOTE(review): this table is never read or returned; presumably it was meant as the
            // non-null default result. Confirm before removing or returning it.
            var unusedTable = new DataTable(BaseModuleEntity.CurrentTableName);

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // Refuse to query for callers that are not logged on.
                var userManager = new BaseUserManager(userInfo);
                if (!userManager.UserIsLogon(userInfo))
                {
                    return;
                }

                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // Record the rejected condition text together with the caller.
                    // NOTE(review): the text is logged raw and Serialize() output is not visible here;
                    // confirm it carries no credentials or tokens and that line breaks are neutralized.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                    return;
                }

                // A separate parameter array is built for each query.
                // NOTE(review): presumably because a parameter object cannot be attached to two commands; confirm before sharing one array.
                total = dbHelper.GetCount(tableName, conditions, dbHelper.MakeParameters(dbParameters));
                page  = DbUtil.GetDataTableByPage(dbHelper, tableName, selectField, pageNo, pageSize, conditions, dbHelper.MakeParameters(dbParameters), orderBy);
            });

            recordCount = total;

            return page;
        }
Пример #2
        /// <summary>
        /// Paged query over the message table. The query runs only when <paramref name="whereClause"/>
        /// passes <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; passed to the service wrapper and serialized into the rejection log.</param>
        /// <param name="recordCount">Record count reported by the message manager; 0 when the query did not run.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="whereClause">Condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to the query.</param>
        /// <param name="order">Sort expression; optional.</param>
        /// <returns>The requested page, or an empty table named <c>BaseMessageEntity.TableName</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="order"/> is forwarded without any check, and no logon test is visible
        /// in this method; confirm <c>ServiceUtil.ProcessMessageDb</c> authenticates the caller.
        /// The implementation of <c>IsSqlSafe</c> is not visible here, so values should travel in
        /// <paramref name="dbParameters"/> rather than inside the condition text.
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string whereClause, List <KeyValuePair <string, object> > dbParameters, string order = null)
        {
            var page = new DataTable(BaseMessageEntity.TableName);
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            var total = 0;

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessMessageDb(userInfo, serviceInfo, (dbHelper) =>
            {
                if (!SecretUtil.IsSqlSafe(whereClause))
                {
                    // The rejection is recorded only inside a web request; without an HttpContext nothing is logged.
                    if (System.Web.HttpContext.Current != null)
                    {
                        // NOTE(review): "~/Log/" resolves under the application root; confirm the folder is not
                        // served to clients, and that Serialize() output carries no credentials or tokens.
                        var logLine = "userInfo:" + userInfo.Serialize() + " " + whereClause;
                        var logPath = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                        FileUtil.WriteMessage(logLine, logPath);
                    }
                    return;
                }

                var messageManager = new BaseMessageManager(dbHelper, userInfo);
                page = messageManager.GetDataTableByPage(out total, pageIndex, pageSize, whereClause, dbHelper.MakeParameters(dbParameters), order);
                page.TableName = BaseMessageEntity.TableName;
            });

            recordCount = total;

            return page;
        }
Пример #3
        /// <summary>
        /// Returns one page of rows from <paramref name="tableName"/> using the connection string stored under
        /// the <c>OpenMasDbConnection</c> application setting. The query runs only when that setting is non-empty
        /// and <paramref name="conditions"/> passes <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; in this method it is used only when writing the rejection log.</param>
        /// <param name="recordCount">Value returned by <c>DbLogic.GetCount</c>; 0 when the query did not run.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition text.</param>
        /// <param name="dbParameters">Parameters passed to both queries.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The requested page, or <c>null</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): no logon check is visible here, so authentication has to happen in the caller; confirm.
        /// <paramref name="tableName"/>, <paramref name="selectField"/> and <paramref name="orderBy"/> are
        /// forwarded unchecked; if a client can influence them they need an allow-list, because identifiers
        /// cannot be bound as parameters. A null <paramref name="userInfo"/> is dereferenced on the rejection path.
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, IDbDataParameter[] dbParameters, string orderBy)
        {
            recordCount = 0;

            string connectionString = ConfigurationHelper.AppSettings("OpenMasDbConnection", BaseSystemInfo.EncryptDbConnection);
            if (string.IsNullOrEmpty(connectionString))
            {
                // No connection configured: nothing to query.
                return null;
            }

            if (!SecretUtil.IsSqlSafe(conditions))
            {
                // The rejection is recorded only inside a web request; without an HttpContext nothing is logged.
                if (System.Web.HttpContext.Current != null)
                {
                    // NOTE(review): "~/Log/" resolves under the application root; confirm the folder is not
                    // served to clients, and that Serialize() output carries no credentials or tokens.
                    string logLine = "userInfo:" + userInfo.Serialize() + " " + conditions;
                    string logPath = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                    FileUtil.WriteMessage(logLine, logPath);
                }
                return null;
            }

            // The helper is disposed as soon as both queries have completed.
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(CurrentDbType.SqlServer, connectionString))
            {
                recordCount = DbLogic.GetCount(dbHelper, tableName, conditions, dbParameters);
                return DbLogic.GetDataTableByPage(dbHelper, tableName, selectField, pageIndex, pageSize, conditions, dbParameters, orderBy);
            }
        }
Пример #4
        /// <summary>
        /// Returns one page of rows from <paramref name="tableName"/> and reports the matching row count.
        /// The query runs only for a logged-on user and only when <paramref name="conditions"/> passes
        /// <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; checked with <c>UserIsLogOn</c> and serialized into the rejection log.</param>
        /// <param name="recordCount">Value returned by <c>DbLogic.GetCount</c>; 0 when the query did not run.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to both queries.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The requested page, or <c>null</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): only <paramref name="conditions"/> is screened. <paramref name="tableName"/>,
        /// <paramref name="selectField"/> and <paramref name="orderBy"/> are forwarded to the data layer unchecked;
        /// if a client can influence them they need an allow-list, because identifiers cannot be bound as parameters.
        /// A rejected or unauthenticated call is indistinguishable from "no data" for the caller (null, count 0).
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            recordCount = 0;

            // Refuse to query for callers that are not logged on.
            var userManager = new BaseUserManager(userInfo);
            if (!userManager.UserIsLogOn(userInfo))
            {
                return null;
            }

            if (!SecretUtil.IsSqlSafe(conditions))
            {
                // The rejection is recorded only inside a web request; without an HttpContext nothing is logged.
                if (System.Web.HttpContext.Current != null)
                {
                    // NOTE(review): "~/Log/" resolves under the application root; confirm the folder is not
                    // served to clients, and that Serialize() output carries no credentials or tokens.
                    var logLine = "userInfo:" + userInfo.Serialize() + " " + conditions;
                    var logPath = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                    DotNet.Utilities.FileUtil.WriteMessage(logLine, logPath);
                }
                return null;
            }

            // A separate parameter array is built for each query.
            // NOTE(review): presumably because a parameter object cannot be attached to two commands; confirm before sharing one array.
            recordCount = DbLogic.GetCount(DbHelper, tableName, conditions, DbHelper.MakeParameters(dbParameters));
            return DbLogic.GetDataTableByPage(DbHelper, tableName, selectField, pageIndex, pageSize, conditions, DbHelper.MakeParameters(dbParameters), orderBy);
        }
Пример #5
        /// <summary>
        /// Paged query over the user table. The query runs only when <paramref name="condition"/>
        /// passes <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; passed to the service wrapper and serialized into the rejection log.</param>
        /// <param name="recordCount">Record count reported by the user manager; 0 when the query did not run.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="condition">Condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to the query.</param>
        /// <param name="order">Sort expression; optional.</param>
        /// <returns>The requested page, or an empty table named <c>BaseUserEntity.CurrentTableName</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="order"/> is forwarded without any check, and no logon test is visible
        /// in this method; confirm <c>ServiceUtil.ProcessUserCenterReadDb</c> authenticates the caller.
        /// The implementation of <c>IsSqlSafe</c> is not visible here, so values should travel in
        /// <paramref name="dbParameters"/> rather than inside the condition text.
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string condition, List <KeyValuePair <string, object> > dbParameters, string order = null)
        {
            var page = new DataTable(BaseUserEntity.CurrentTableName);
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            var total = 0;

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                if (!SecretUtil.IsSqlSafe(condition))
                {
                    // Record the rejected condition text together with the caller.
                    // NOTE(review): the text is logged raw and Serialize() output is not visible here;
                    // confirm it carries no credentials or tokens and that line breaks are neutralized.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + condition, "SqlSafe");
                    return;
                }

                var userManager = new BaseUserManager(dbHelper, userInfo);
                // Logon information is switched off for this listing.
                userManager.ShowUserLogonInfo = false;

                page = userManager.GetDataTableByPage(out total, pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), order);
                page.TableName = BaseUserEntity.CurrentTableName;
            });

            recordCount = total;

            return page;
        }
Пример #6
        /// <summary>
        /// Searches the user list one page at a time. The search runs only when
        /// <paramref name="conditions"/> passes <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; passed to the service wrapper and serialized into the rejection log.</param>
        /// <param name="recordCount">Record count reported by the user manager; 0 when the search did not run.</param>
        /// <param name="pageNo">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="permissionCode">Operation permission code, forwarded to the user manager.</param>
        /// <param name="conditions">Condition text.</param>
        /// <param name="sort">Sort expression; optional.</param>
        /// <returns>The requested page, or an empty table named <c>BaseUserEntity.CurrentTableName</c> when the search did not run.</returns>
        /// <remarks>
        /// NOTE(review): this overload takes no query parameters, so any value a caller wants to filter on has to
        /// be embedded in <paramref name="conditions"/> and <c>IsSqlSafe</c> is the only barrier in front of the
        /// data layer; its implementation is not visible here. <paramref name="sort"/> is forwarded unchecked.
        /// The method delegates to <c>SearchLogByPage</c>; confirm that is the intended manager call.
        /// </remarks>
        public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string permissionCode, string conditions, string sort = null)
        {
            // NOTE(review): never read in this method.
            var departmentId = string.Empty;
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            var total = 0;
            var users = new DataTable(BaseUserEntity.CurrentTableName);

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // Record the rejected condition text together with the caller.
                    // NOTE(review): the text is logged raw and Serialize() output is not visible here;
                    // confirm it carries no credentials or tokens and that line breaks are neutralized.
                    LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                    return;
                }

                var userManager = new BaseUserManager(dbHelper, userInfo);
                // Logon information is switched on for this listing.
                userManager.ShowUserLogonInfo = true;

                users = userManager.SearchLogByPage(out total, pageNo, pageSize, permissionCode, conditions, sort);
                users.TableName = BaseUserEntity.CurrentTableName;
            });

            recordCount = total;
            return users;
        }
Пример #7
        /// <summary>
        /// Searches the user list one page at a time. The search runs only when
        /// <paramref name="conditions"/> passes <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; passed to the service wrapper and serialized into the rejection log.</param>
        /// <param name="recordCount">Record count reported by the user manager; 0 when the search did not run.</param>
        /// <param name="pageIndex">Page number.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="permissionCode">Operation permission code, forwarded to the user manager.</param>
        /// <param name="conditions">Condition text.</param>
        /// <param name="sort">Sort expression; optional.</param>
        /// <returns>The requested page, or an empty table named <c>BaseUserEntity.TableName</c> when the search did not run.</returns>
        /// <remarks>
        /// NOTE(review): this overload takes no query parameters, so any value a caller wants to filter on has to
        /// be embedded in <paramref name="conditions"/> and <c>IsSqlSafe</c> is the only barrier in front of the
        /// data layer; its implementation is not visible here. <paramref name="sort"/> is forwarded unchecked.
        /// The method delegates to <c>SearchLogByPage</c>; confirm that is the intended manager call.
        /// </remarks>
        public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string permissionCode, string conditions, string sort = null)
        {
            // NOTE(review): never read in this method.
            string departmentId = string.Empty;
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            int total = 0;
            var users = new DataTable(BaseUserEntity.TableName);

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // The rejection is recorded only inside a web request; without an HttpContext nothing is logged.
                    if (System.Web.HttpContext.Current != null)
                    {
                        // NOTE(review): "~/Log/" resolves under the application root; confirm the folder is not
                        // served to clients, and that Serialize() output carries no credentials or tokens.
                        var logLine = "userInfo:" + userInfo.Serialize() + " " + conditions;
                        var logPath = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                        FileUtil.WriteMessage(logLine, logPath);
                    }
                    return;
                }

                // Logon information is switched on for this listing.
                var userManager = new BaseUserManager(dbHelper, userInfo)
                {
                    ShowUserLogOnInfo = true
                };

                users = userManager.SearchLogByPage(out total, pageIndex, pageSize, permissionCode, conditions, sort);
                users.TableName = BaseUserEntity.TableName;
            });

            recordCount = total;
            return users;
        }
Пример #8
        /// <summary>
        /// Returns one page of rows from <paramref name="tableName"/> and reports the matching row count.
        /// The query runs only for a logged-on user and only when <paramref name="conditions"/> passes
        /// <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; checked with <c>UserIsLogon</c> and serialized into the rejection log.</param>
        /// <param name="recordCount">Value returned by <c>GetCount</c> for the same table and conditions; 0 when the query did not run.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageNo">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to both queries.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The requested page, or <c>null</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): only <paramref name="conditions"/> is screened. <paramref name="tableName"/>,
        /// <paramref name="selectField"/> and <paramref name="orderBy"/> are forwarded to the data layer unchecked;
        /// if a client can influence them they need an allow-list, because identifiers cannot be bound as parameters.
        /// A rejected or unauthenticated call is indistinguishable from "no data" for the caller (null, count 0).
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageNo, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            recordCount = 0;

            // Refuse to query for callers that are not logged on.
            var userManager = new BaseUserManager(userInfo);
            if (!userManager.UserIsLogon(userInfo))
            {
                return null;
            }

            if (!SecretUtil.IsSqlSafe(conditions))
            {
                // Record the rejected condition text together with the caller.
                // NOTE(review): the text is logged raw and Serialize() output is not visible here;
                // confirm it carries no credentials or tokens and that line breaks are neutralized.
                LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
                return null;
            }

            // A separate parameter array is built for each query.
            // NOTE(review): presumably because a parameter object cannot be attached to two commands; confirm before sharing one array.
            recordCount = DbHelper.GetCount(tableName, conditions, DbHelper.MakeParameters(dbParameters));
            return DbUtil.GetDataTableByPage(DbHelper, tableName, selectField, pageNo, pageSize, conditions, DbHelper.MakeParameters(dbParameters), orderBy);
        }
Пример #9
        /// <summary>
        /// Returns one page of rows from <paramref name="tableName"/> and reports the matching row count.
        /// The query runs only for a logged-on user and only when <paramref name="conditions"/> passes
        /// <c>SecretUtil.IsSqlSafe</c>.
        /// </summary>
        /// <param name="userInfo">Calling user; checked with <c>UserIsLogOn</c> and serialized into the rejection log.</param>
        /// <param name="recordCount">Value returned by <c>DbLogic.GetCount</c>; 0 when the query did not run.</param>
        /// <param name="tableName">Source table name.</param>
        /// <param name="selectField">Fields to select.</param>
        /// <param name="pageIndex">Current page.</param>
        /// <param name="pageSize">Rows per page.</param>
        /// <param name="conditions">Query condition text.</param>
        /// <param name="dbParameters">Name/value pairs converted with <c>MakeParameters</c> and passed to both queries.</param>
        /// <param name="orderBy">Sort field.</param>
        /// <returns>The requested page, or <c>null</c> when the query did not run.</returns>
        /// <remarks>
        /// NOTE(review): only <paramref name="conditions"/> is screened. <paramref name="tableName"/>,
        /// <paramref name="selectField"/> and <paramref name="orderBy"/> are forwarded to the data layer unchecked;
        /// if a client can influence them they need an allow-list, because identifiers cannot be bound as parameters.
        /// A rejected or unauthenticated call is indistinguishable from "no data" for the caller (null, count 0).
        /// </remarks>
        public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, List <KeyValuePair <string, object> > dbParameters, string orderBy)
        {
            DataTable page = null;
            // The lambda cannot capture the out parameter, so the count is collected in a local first.
            int total = 0;
            // NOTE(review): this table is never read or returned; presumably it was meant as the
            // non-null default result. Confirm before removing or returning it.
            var unusedTable = new DataTable(BaseModuleEntity.TableName);

            // GetCurrentMethod() reports the method it is called from, so this call must stay in this method.
            var serviceInfo = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());

            ServiceUtil.ProcessUserCenterReadDb(userInfo, serviceInfo, (dbHelper) =>
            {
                // Refuse to query for callers that are not logged on.
                var userManager = new BaseUserManager(userInfo);
                if (!userManager.UserIsLogOn(userInfo))
                {
                    return;
                }

                if (!SecretUtil.IsSqlSafe(conditions))
                {
                    // The rejection is recorded only inside a web request; without an HttpContext nothing is logged.
                    if (System.Web.HttpContext.Current != null)
                    {
                        // NOTE(review): "~/Log/" resolves under the application root; confirm the folder is not
                        // served to clients, and that Serialize() output carries no credentials or tokens.
                        var logLine = "userInfo:" + userInfo.Serialize() + " " + conditions;
                        var logPath = System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt";
                        FileUtil.WriteMessage(logLine, logPath);
                    }
                    return;
                }

                // A separate parameter array is built for each query.
                // NOTE(review): presumably because a parameter object cannot be attached to two commands; confirm before sharing one array.
                total = DbLogic.GetCount(dbHelper, tableName, conditions, dbHelper.MakeParameters(dbParameters));
                page  = DbLogic.GetDataTableByPage(dbHelper, tableName, selectField, pageIndex, pageSize, conditions, dbHelper.MakeParameters(dbParameters), orderBy);
            });

            recordCount = total;

            return page;
        }