示例#1
1
        /// <summary>
        /// SQLのパラメータを追加します。サニタイジング(SQLインジェクション対策)をします
        /// </summary>
        /// <param name="cmd"></param>
        /// <param name="direction"></param>
        /// <param name="paramName"></param>
        /// <param name="type"></param>
        /// <param name="value">値がnullの場合はDBNull.Valueを挿入します</param>
        public static void AddSqlParameter(SqlCommand cmd, ParameterDirection direction, string paramName, SqlDbType type, Object value)
        {
            if (cmd == null)
            {
                return;
            }

            if (string.IsNullOrEmpty(paramName) || string.IsNullOrWhiteSpace(paramName))
            {
                return;
            }

            if (value == null)
            {
                value = DBNull.Value;
            }

            SqlParameter param = cmd.CreateParameter();
            param.ParameterName = paramName;
            param.SqlDbType = type;
            param.Direction = direction;
            param.Value = value;

            cmd.Parameters.Add(param);
        }
示例#2
0
 /// <summary>
 /// 매개 변수를 사용하여 <c>SqlParameter</c>클래스의 새 인스턴스를 반환합니다.
 /// </summary>
 /// <param name="parameterName">매핑할 매개 변수의 이름</param>
 /// <param name="dbType"><c>SqlDbType</c>값 중 하나</param>
 /// <param name="size">매개 변수의 길이</param>
 /// <param name="direction"><c>ParameterDirection</c>값 중 하나</param>
 /// <returns><c>SqlParameter</c>클래스의 새 인스턴스</returns>
 public static SqlParameter CreateParameter(string parameterName, SqlDbType dbType, int size, ParameterDirection direction)
 {
     SqlParameter ret = CreateParameter(parameterName, dbType);
     ret.Direction = direction;
     ret.Size = size;
     return ret;
 }
示例#3
0
文件: DB.cs 项目: stevehjohn/Hub
 public void AddParameter(string paramName, SqlDbType paramType, object paramValue)
 {
     SqlParameter prm = new SqlParameter(paramName, paramType);
     prm.Direction = ParameterDirection.Input;
     prm.Value = paramValue;
     m_Cmd.Parameters.Add(prm);
 }
示例#4
0
 private SqlDataType(SqlDbType type, int? length, int? precision, int? scale)
 {
     _Type = type;
     _Length = length;
     _Precision = precision;
     _Scale = scale;
 }
示例#5
0
 public SqlParam(string paramName, object paramValue, ParameterDirection paramDirection, SqlDbType type)
 {
     Name = paramName;
     Direction = paramDirection;
     Value = paramValue;
     Type = type;
 }
 public StoredProcedureParameterAttribute(SqlDbType dataType, StoredProcedureParameterOptions options, int size)
 {
     DataType = dataType;
     Options = options;
     Direction = ParameterDirection.Input;
     Size = size;
 }
示例#7
0
 /// <summary>
 /// Create new Store proc parameter.
 /// </summary>
 /// <param name="paramName">Sql parameter name.</param>
 /// <param name="paramType"><see cref="SqlDbType"/> parameter type.</param>
 /// <param name="paramSize"><see cref="Int32"/> sql parameter size - use with string.</param>
 /// <param name="usedFor1">Identifies the purpose of the parameter.</param>
 internal StoredProcParameter(string paramName,
     SqlDbType paramType,
     int paramSize,
     SqlStatementType usedFor1)
     : this(paramName, paramType, paramSize, new[] {usedFor1})
 {
 }
		public SqlMetaData (string name, SqlDbType type, byte precision, byte scale)
		{
			this.name = name;
			this.precision = precision;
			this.scale = scale;
			this.sqlDbType = type;
		}
        public static string ConvertToSystemDataType(SqlDbType sqlDbType)
        {
            switch (sqlDbType)
            {
                case SqlDbType.BigInt:
                    return "System.Int64";

                case SqlDbType.Bit:
                    return "System.Boolean";

                case SqlDbType.DateTime:
                case SqlDbType.SmallDateTime:
                    return "System.DateTime";

                case SqlDbType.Decimal:
                case SqlDbType.Float:
                case SqlDbType.Money:
                case SqlDbType.Real:
                case SqlDbType.SmallMoney:
                    return "System.Decimal";

                case SqlDbType.Int:
                    return "System.Int32";

                case SqlDbType.UniqueIdentifier:
                    return "System.Guid";

                case SqlDbType.SmallInt:
                    return "System.Int16";

                case SqlDbType.TinyInt:
                    return "System.Byte";
            }
            return "System.String";
        }
示例#10
0
文件: BaseDAO.cs 项目: zyh329/fpv2
        protected SqlParameter genSqlParameter(String paramName, SqlDbType type, int size, Object value)
        {
            if (value == null)
                value = DBNull.Value;

            SqlParameter param = null;

            if (type == SqlDbType.DateTime)
            {
                if (value == DBNull.Value)
                {
                    param = new SqlParameter(paramName, value);
                }
                else
                {
                    param = new SqlParameter(paramName, ((Nullable<DateTime>)value).Value);
                }
            }
            else
            {
                param = new SqlParameter(paramName, type, size);
                param.Value = value;
            }

            return param;
        }
示例#11
0
        /// <summary>
        /// Método genérico que chama os métodos correspondentes ao Tipo do Banco para execução da Procedure.
        /// </summary>
        /// <param name="query"></param>
        /// <param name="tipoBanco"></param>
        /// <returns></returns>
        public bool executaProc(string nameProc, TipoBanco tipoBanco, object[] values, string[] parametros, SqlDbType[] sqlDBType)
        {
            bool bRet = false;
            try
            {
                switch (tipoBanco)
                {
                    case TipoBanco.SQLServer:
                        bRet = executaProcSQL(nameProc, values, parametros, sqlDBType);
                        break;
                    case TipoBanco.Oracle:
                        break;
                    case TipoBanco.OLDB:
                        break;
                    default:
                        break;
                }
            }
            catch (Exception ex)
            {
                bRet = false;
                throw ex;
            }
            finally
            {

            }
            return bRet;
        }
示例#12
0
文件: DbParam.cs 项目: rumbabu/Yuvaas
 public DbParam(String paramName, Object paramValue, SqlDbType paramType)
 {
     ParamName = paramName;
     ParamValue = paramValue;
     ParamType = paramType;
     ParamDirection = ParameterDirection.Input;
 }
示例#13
0
        public MetaType(byte precision, byte scale, int fixedLength, bool isFixed, bool isLong, bool isPlp, byte tdsType, byte nullableTdsType, string typeName, Type classType, Type sqlType, SqlDbType sqldbType, DbType dbType, byte propBytes) {
            this.Precision    = precision;
            this.Scale        = scale;
            this.FixedLength  = fixedLength;
            this.IsFixed      = isFixed;
            this.IsLong       = isLong;
            this.IsPlp        = isPlp;
            // can we get rid of this (?just have a mapping?)
            this.TDSType      = tdsType;
            this.NullableType = nullableTdsType;
            this.TypeName     = typeName;
            this.SqlDbType    = sqldbType;
            this.DbType       = dbType;

            this.ClassType    = classType;
            this.SqlType      = sqlType;
            this.PropBytes    = propBytes;

            IsAnsiType  = _IsAnsiType(sqldbType);
            IsBinType   = _IsBinType(sqldbType);
            IsCharType  = _IsCharType(sqldbType);
            IsNCharType = _IsNCharType(sqldbType);
            IsSizeInCharacters = _IsSizeInCharacters(sqldbType);
            IsNewKatmaiType = _IsNewKatmaiType(sqldbType);
            IsVarTime = _IsVarTime(sqldbType);

            Is70Supported = _Is70Supported(SqlDbType);
            Is80Supported = _Is80Supported(SqlDbType);
            Is90Supported = _Is90Supported(SqlDbType);
            Is100Supported = _Is100Supported(SqlDbType);
        }
示例#14
0
 //thoai Add sql parameter
 protected static SqlParameter AddSqlPrameter(string parameterName, SqlDbType dbType, int size, ParameterDirection direction, object value)
 {
     SqlParameter parameter = new SqlParameter(parameterName, dbType, size);
     parameter.Direction = direction;
     parameter.Value = value;
     return parameter;
 }
示例#15
0
 public static DbParameter CreateParameter(SqlDbType dbType)
 {
     return new SqlParameter
     {
         SqlDbType = dbType
     };
 }
        /// <summary>
        /// Sets up a parameter for the query
        /// </summary>
        /// <param name="id">The ID of the parameter</param>
        /// <param name="type">The Sql type of the parameter</param>
        /// <param name="Value">The value of the parameter</param>
        public static void AddParameter(this List<SqlParameter> collection, string parameterName, SqlDbType type, Object Value)
        {
            SqlParameter parameter = new SqlParameter();
            parameter.ParameterName = parameterName;
            parameter.SqlDbType = type;

            if (Value == null)
            {
                parameter.Value = Convert.DBNull;
            }
            else if (Value.ToString() == "" && type != SqlDbType.VarChar)
            {
                // must convert the empty string to a DBNull
                parameter.Value = Convert.DBNull;
            }
            else if (Value.ToString() == "" && (type == SqlDbType.Float || type == SqlDbType.Int || type == SqlDbType.Money))
            {
                parameter.Value = 0;
            }
            else
            {
                // set the value of the parameter
                parameter.Value = Value;
            }

            collection.Add(parameter);
        }
 public string Create(string name, SqlDbType sqlDbType, long? length = null)
 {
     var lStr = length.HasValue
                    ? string.Format("({0})", length.Value)
                    : string.Empty;
     return string.Format("\"{0}\" {1}{2}", name.Trim(), sqlDbType.ToString().ToLower(), lStr);
 }
示例#18
0
 public SqlFieldAttribute(string fieldName, int fieldLength, SqlDbType sqlDbType, bool needsSpellCheck)
 {
     this.m_FieldName = fieldName;
     this.m_FieldLength = fieldLength;
     this.m_SqlDbType = sqlDbType;
     this.m_NeedsSpellCheck = needsSpellCheck;
 }
示例#19
0
 /// <summary>
 /// Create new Store proc parameter.
 /// </summary>
 /// <param name="paramName">Sql parameter name.</param>
 /// <param name="paramType"><see cref="SqlDbType"/> parameter type.</param>
 /// <param name="size"><see cref="Int32"/> sql parameter size - use with string.</param>
 /// <param name="usedFor">Array of <see cref="SqlStatementType"/> values to determine the SP usage.</param>
 internal StoredProcParameter(string paramName,
     SqlDbType paramType,
     int size,
     SqlStatementType[] usedFor)
     : this(new SqlParameter(paramName, paramType, size), usedFor)
 {
 }
 internal SmiExtendedMetaData(SqlDbType dbType, long maxLength, byte precision, byte scale, long localeId, SqlCompareOptions compareOptions, Type userDefinedType, string udtAssemblyQualifiedName, bool isMultiValued, IList<SmiExtendedMetaData> fieldMetaData, SmiMetaDataPropertyCollection extendedProperties, string name, string typeSpecificNamePart1, string typeSpecificNamePart2, string typeSpecificNamePart3) : base(dbType, maxLength, precision, scale, localeId, compareOptions, userDefinedType, udtAssemblyQualifiedName, isMultiValued, fieldMetaData, extendedProperties)
 {
     this._name = name;
     this._typeSpecificNamePart1 = typeSpecificNamePart1;
     this._typeSpecificNamePart2 = typeSpecificNamePart2;
     this._typeSpecificNamePart3 = typeSpecificNamePart3;
 }
示例#21
0
 public SqlField(int tableIndex, string fieldName, SqlDbType dataType, bool visible)
 {
     this.tabIndex = tableIndex;
      this.fldName = fieldName;
      this.dbType = dataType;
      this.visible = visible;
 }
示例#22
0
 ///<summary>
 ///</summary>
 ///<param name="paramName"></param>
 ///<param name="dbType"></param>
 ///<param name="size"></param>
 ///<param name="direction"></param>
 ///<param name="value"></param>
 ///<returns></returns>
 ///<exception cref="ArgumentOutOfRangeException"></exception>
 public static SqlParameter MakeParam(string paramName, SqlDbType dbType, int size, ParameterDirection direction, object value)
 {
     SqlParameter sqlParameter = null;
     try
     {
         paramName = paramName ?? string.Empty;
         //modify reason:验证花时比较大
         //if (!MathUtils.IsMachVarName(paramName))
         //{
         //    throw new ArgumentOutOfRangeException("paramName", "参数名格式不正确");
         //}
         if (size > 0)
         {
             sqlParameter = new SqlParameter(FormatParamName(paramName), dbType, size);
         }
         else
         {
             sqlParameter = new SqlParameter(FormatParamName(paramName), dbType);
         }
         sqlParameter.Direction = direction;
         if (direction != ParameterDirection.Output || value != null)
         {
             sqlParameter.Value = value;
         }
     }
     catch (Exception ex)
     {
         TraceLog.WriteError("{0}", ex);
     }
     return sqlParameter;
 }
示例#23
0
        public void SetOutParam(string ParamName, SqlDbType Sqltype)
        {
            //Initialize Sql parameter
            m_Param = new SqlParameter();
            //Set parameter name
            m_Param.ParameterName = ParamName;
            //Set parameter datatype
            m_Param.SqlDbType = Sqltype;
            //Check Out param type
            switch (Sqltype)
            {
                //If outparam type is varchar
                case SqlDbType.VarChar:
                case SqlDbType.NVarChar:
                    {
                        //Set default size
                        m_Param.Size = 1000;
                        break;
                    }
            }

            //Set parameter direction as output
            m_Param.Direction = ParameterDirection.Output;
            //Add parameter in hashtable
            SetParam(m_Param);
        }
示例#24
0
        /// <summary>
        /// ����� ���� Parameter
        /// </summary>
        /// <param name="paramName">�Ķ���� �̸�</param>
        /// <param name="type">SqlDbType</param>
        /// <param name="size">ũ��</param>
        /// <param name="val">�Ķ���� ��</param>
        /// <returns></returns>
        protected static SqlParameter CreateInParam(string paramName, SqlDbType type, int size, object val)
        {
            SqlParameter param	= new SqlParameter( paramName, type, size );
            param.Value			= val;

            return param;
        }
示例#25
0
        public static object SqlValue(this string strVal, SqlDbType type)
        {
            if (type == SqlDbType.DateTime)
                return DateTime.Parse(strVal);

            return strVal;
        }
示例#26
0
        /// <summary>
        /// Output Ÿ���� Parameter
        /// </summary>
        /// <param name="paramName">�Ķ���� �̸�</param>
        /// <param name="type">SqlDbType</param>
        /// <param name="size">ũ��</param>
        /// <param name="val">�Ķ���� ��</param>
        /// <returns></returns>
        protected static SqlParameter CreateOutParam(string paramName, SqlDbType type, int size)
        {
            SqlParameter param	= new SqlParameter( paramName, type, size );
            param.Direction		= ParameterDirection.Output;

            return param;
        }
示例#27
0
 /// <summary>
 /// Metodo constructor con todos los campos asignados
 /// </summary>
 /// <param name="etiqueta">etiqueta del parametro ejemplo: @nombreDeUsuario</param>
 /// <param name="tipoDato">SqlDbType con el tipo de dato del parametro 
 /// ejemplo: SqlDbType.VarChar</param>
 /// <param name="valor">valor: string con el valor que se le asigno al 
 /// parametro ejemplo: Pepe</param>
 /// <param name="esOutput">esOutput: si es un parametro de output: true, si no: false</param>
 public Parametro(string etiqueta, SqlDbType tipoDato, string valor, bool esOutput)
 {
     this.etiqueta = etiqueta;
     this.tipoDato = tipoDato;
     this.valor = valor;
     this.esOutput = esOutput;
 }
示例#28
0
        public SqlCeParameter AddInParameter(string name, object val, SqlDbType type)
        {
            SqlCeParameter sp = new SqlCeParameter(name, val);
            sp.SqlDbType = type;
            return sp;

        }
示例#29
0
文件: Utility.cs 项目: maskx/OData
 public static Type SqlType2CsharpType(SqlDbType sqlType)
 {
     switch (sqlType)
     {
         case SqlDbType.BigInt:
             return typeof(Int64);
         case SqlDbType.Binary:
             return typeof(Object);
         case SqlDbType.Bit:
             return typeof(Boolean);
         case SqlDbType.Char:
             return typeof(String);
         case SqlDbType.DateTime:
             return typeof(DateTime);
         case SqlDbType.Decimal:
             return typeof(Decimal);
         case SqlDbType.Float:
             return typeof(Double);
         case SqlDbType.Image:
             return typeof(Object);
         case SqlDbType.Int:
             return typeof(Int32);
         case SqlDbType.Money:
             return typeof(Decimal);
         case SqlDbType.NChar:
             return typeof(String);
         case SqlDbType.NText:
             return typeof(String);
         case SqlDbType.NVarChar:
             return typeof(String);
         case SqlDbType.Real:
             return typeof(Single);
         case SqlDbType.SmallDateTime:
             return typeof(DateTime);
         case SqlDbType.SmallInt:
             return typeof(Int16);
         case SqlDbType.SmallMoney:
             return typeof(Decimal);
         case SqlDbType.Text:
             return typeof(String);
         case SqlDbType.Timestamp:
             return typeof(Object);
         case SqlDbType.TinyInt:
             return typeof(Byte);
         case SqlDbType.Udt:
             return typeof(Object);
         case SqlDbType.UniqueIdentifier:
             return typeof(Guid);
         case SqlDbType.VarBinary:
             return typeof(Object);
         case SqlDbType.VarChar:
             return typeof(String);
         case SqlDbType.Variant:
             return typeof(Object);
         case SqlDbType.Xml:
             return typeof(Object);
         default:
             return null;
     }
 }
示例#30
0
 /// <summary>
 /// 매개 변수를 사용하여 <c>SqlParameter</c>클래스의 새 인스턴스를 반환합니다.
 /// </summary>
 /// <param name="parameterName">매핑할 매개 변수의 이름</param>
 /// <param name="dbType"><c>SqlDbType</c>값 중 하나</param>
 /// <param name="size">매개 변수의 길이</param>
 /// <param name="sourceColumn">소스 열의 이름</param>
 /// <returns><c>SqlParameter</c>클래스의 새 인스턴스</returns>
 public static SqlParameter CreateParameter(string parameterName, SqlDbType dbType, int size, string sourceColumn)
 {
     SqlParameter ret = CreateParameter(parameterName, dbType);
     ret.Size = size;
     ret.SourceColumn = sourceColumn;
     return ret;
 }