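/// <summary>
/// Records a failed API request through the <c>apiErrorLog</c> stored procedure, then ends the
/// response with a plain-text message and a status code derived from the exception.
/// </summary>
/// <param name="Context">Current HTTP context; its response is cleared, written and ended here.</param>
/// <param name="Procedure">The procedure call being processed (may be null); serialized into the log row.</param>
/// <param name="Exception">The failure being reported.</param>
/// <remarks>
/// A message of the form <c>asql:&lt;status&gt;:&lt;text&gt;</c> supplies the status code and the text
/// returned to the client. A duplicate-key message maps to 400. Anything else maps to 500 with the
/// generic <c>UnexpectedError</c> text, so raw exception messages are not sent to the client.
/// </remarks>
public static void LogError(HttpContext Context, Procedure Procedure, Exception Exception)
{
    int StatusCode;
    string Message;
    string Raw = Exception.Message;

    if (Raw.StartsWith("asql:", StringComparison.Ordinal))
    {
        // Split into at most three parts so colons inside the client text are preserved,
        // and so a message with no text part cannot index past the end of the array.
        string[] Parts = Raw.Split(new[] { ':' }, 3);
        if (!int.TryParse(Parts[1], out StatusCode))
        {
            StatusCode = 500;
        }
        Message = Parts.Length == 3 ? Parts[2] : UnexpectedError;
    }
    else if (Raw.Contains("Cannot insert duplicate key"))
    {
        StatusCode = 400;
        Message = "A similar record already exists.";
    }
    else
    {
        StatusCode = 500;
        Message = UnexpectedError;
    }

    string IPAddress = Context.Request.UserHostAddress;
    if (string.IsNullOrWhiteSpace(IPAddress))
    {
        IPAddress = "Unknown";
    }

    // Best effort: a body that cannot be read is logged as NULL.
    // NOTE(review): if the body was already consumed while parsing the request, this read
    // may return an empty string unless the stream position is reset - confirm.
    string RequestBody;
    try
    {
        using (StreamReader Reader = new StreamReader(Context.Request.InputStream, Encoding.UTF8))
        {
            RequestBody = Reader.ReadToEnd();
        }
    }
    catch
    {
        RequestBody = null;
    }
    if (string.IsNullOrWhiteSpace(RequestBody))
    {
        RequestBody = null;
    }

    // Best effort: a procedure that cannot be serialized is logged as NULL.
    string ProcedureXML;
    try
    {
        ProcedureXML = JsonConvert.DeserializeXmlNode(JsonConvert.SerializeObject(Procedure), "Procedure").InnerXml;
    }
    catch
    {
        ProcedureXML = null;
    }
    if (string.IsNullOrWhiteSpace(ProcedureXML))
    {
        ProcedureXML = null;
    }

    // NOTE(review): the log row stores the raw request body, the query string and the serialized
    // Procedure. If Procedure.Token is part of that serialization, session credentials end up in
    // the error log table; consider redacting it and restricting read access to the table.
    try
    {
        using (SqlConnection Connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["Database"].ConnectionString))
        using (SqlCommand Command = new SqlCommand("apiErrorLog", Connection))
        {
            Command.CommandType = CommandType.StoredProcedure;
            Command.Parameters.AddWithValue("IPAddress", IPAddress);
            Command.Parameters.AddWithValue("URL", Context.Request.Path);
            Command.Parameters.AddWithValue("QueryString", Context.Request.QueryString.ToString());
            // A null parameter value is treated as "not supplied"; DBNull.Value sends an explicit NULL.
            Command.Parameters.AddWithValue("RequestBody", (object)RequestBody ?? DBNull.Value);
            Command.Parameters.AddWithValue("Procedure", (object)ProcedureXML ?? DBNull.Value);
            Command.Parameters.AddWithValue("Exception", Raw);
            Command.Parameters.AddWithValue("Message", Message);
            Command.Parameters.AddWithValue("StackTrace", new StackTrace(Exception, true).ToString());

            Connection.Open();
            Command.ExecuteNonQuery();
        }
    }
    catch (Exception Ex)
    {
        // A failure to write the log must not replace the client-facing text: the database
        // exception message can describe server-side details. Keep it on the server.
        System.Diagnostics.Trace.TraceError("apiErrorLog write failed: {0}", Ex);
    }

    Context.Response.Clear();
    Context.Response.ContentType = "text/plain";
    Context.Response.Write(Message);
    Context.Response.StatusCode = StatusCode;
    Context.Response.End();
}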
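/// <summary>
/// Parses a procedure call from the request, checks the caller's token, runs the named stored
/// procedure inside a serializable transaction and writes the result to the response as JSON.
/// </summary>
/// <param name="Context">Current HTTP context; the request is parsed from it and the result written to its response.</param>
/// <remarks>
/// Any exception is passed to <c>Logging.LogError</c>, which produces the error response.
/// <c>Procedure.Type</c> selects the execution mode: "execute" returns nothing, "object" returns
/// the XML result converted to JSON, "singleton" reads a single row, and any other value reads a
/// single result set.
/// </remarks>
public void ProcessRequest(HttpContext Context)
{
    Context.Response.ContentType = "text/json";
    Procedure Procedure = null;

    try
    {
        if (!Procedure.TryParse(Context, out Procedure))
        {
            throw new InvalidOperationException("asql:400:Invalid request.");
        }
        if (string.IsNullOrWhiteSpace(Procedure.Token))
        {
            throw new UnauthorizedAccessException("asql:401:You must login to continue.");
        }

        // NOTE(review): presumably throws when the token is invalid - confirm. If VerifyUser
        // reports failure through a return value instead, that value is discarded here.
        Security.VerifyUser(Procedure.Token);

        using (SqlConnection Connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["Database"].ConnectionString))
        {
            Connection.Open();
            using (SqlTransaction Transaction = Connection.BeginTransaction(IsolationLevel.Serializable))
            {
                try
                {
                    // NOTE(review): Procedure.Name is not validated in this method. Confirm that
                    // Procedure.TryParse restricts it to an allow-list of API procedures and that
                    // the database login holds EXECUTE permission on those procedures only.
                    using (SqlCommand Command = new SqlCommand(Procedure.Name, Connection, Transaction))
                    {
                        Command.CommandType = CommandType.StoredProcedure;

                        foreach (Parameter Parameter in Procedure.Parameters)
                        {
                            if (Parameter.XML)
                            {
                                // Structured values are passed to the procedure as an XML fragment.
                                Command.Parameters.AddWithValue(Parameter.Name, JsonConvert.DeserializeXmlNode(JsonConvert.SerializeObject(Parameter.Value), "Object").InnerXml);
                            }
                            else
                            {
                                Command.Parameters.AddWithValue(Parameter.Name, Parameter.Value);
                            }
                        }

                        // NOTE(review): the user id is derived from the token only when Procedure.UserId
                        // is set. Nothing here distinguishes it from a request parameter that is also
                        // named "UserId"; verify upstream that the flag and that parameter name cannot
                        // be chosen by the caller.
                        if (Procedure.UserId)
                        {
                            Command.Parameters.AddWithValue("UserId", Security.UserIdFromToken(Procedure.Token));
                        }

                        if (Procedure.Type == "execute")
                        {
                            Command.ExecuteNonQuery();
                        }
                        else if (Procedure.Type == "object")
                        {
                            using (XmlReader Reader = Command.ExecuteXmlReader())
                            {
                                XmlDocument Document = new XmlDocument();
                                Document.Load(Reader);
                                Context.Response.Write(JsonConvert.SerializeXmlNode(Document, Newtonsoft.Json.Formatting.Indented));
                            }
                        }
                        else
                        {
                            CommandBehavior Behavior = (Procedure.Type == "singleton")
                                ? CommandBehavior.SingleRow
                                : CommandBehavior.SingleResult;
                            using (SqlDataReader Reader = Command.ExecuteReader(Behavior))
                            using (DataTable Table = new DataTable())
                            {
                                Table.Load(Reader);
                                Context.Response.Write(JsonConvert.SerializeObject(Table, Newtonsoft.Json.Formatting.Indented));
                            }
                        }

                        Transaction.Commit();
                    }
                }
                catch (Exception)
                {
                    // A failing rollback must not hide the exception that caused it.
                    try
                    {
                        Transaction.Rollback();
                    }
                    catch (Exception RollbackError)
                    {
                        System.Diagnostics.Trace.TraceError("Rollback failed: {0}", RollbackError);
                    }

                    // Bare rethrow keeps the original stack trace, which the error log records.
                    throw;
                }
            }
        }
    }
    catch (Exception Exception)
    {
        Logging.LogError(Context, Procedure, Exception);
    }
}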