dengyu
/
DS7
1
0
Fork 0
Code Issues Pull Requests Projects 1 Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
DS7_HYRD
ShenZhenCHJY
DS7_JinGang
dev
QDHHYT
master
临时发布20240103
DS7_JingHan
DS7Zhanhao
HuanHaiYunTong
shenzhenchjy
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2f21c032af'
${ noResults }
DS7/DSWeb/Areas/RptMng/Controllers/MsRptInsureController.cs

205 lines
8.7 KiB
C#
Raw Normal View History Unescape Escape

'first'
2 years ago
using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using DSWeb.Areas.CommMng.DAL;
using DSWeb.Areas.RptMng.Comm;
using DSWeb.TruckMng.Helper;
using HcUtility.Comm;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DSWeb.TruckMng.Comm.Cookie;
using DSWeb.Areas.CommMng.Models;
using DSWeb.EntityDA;
using System.Text;
1
7 months ago
using DSWeb.SoftMng.Filter;
'first'
2 years ago
namespace DSWeb.Areas.RptMng.Controllers
{
[JsonRequestBehavior]
public class MsRptInsureController : Controller
{
//
// GET: /RptMng/MsRptInsure
public ActionResult Index()
{
return View();
}
//
// GET/RptMng/MsRptInsure/QryData
1
7 months ago
[SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器
'first'
2 years ago
public ContentResult QryData(int start, int limit, string condition,string sort)
{
var strDa = GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request));
if (!string.IsNullOrEmpty(strDa))
{
if (!string.IsNullOrEmpty(condition))
{
condition = condition + " and " + strDa;
}
else
{
condition = strDa;
}
}
var strSql = new StringBuilder();
strSql.Append("select M.BILLNO,M.INSUREBILLNO,M.ORGCODE,M.LOADCOUNT,M.TRUCKNO,M.INSUREBGNDATE,M.INSUREENDDATE, ");
strSql.Append("SUM(M.JQXTOTAL) AS JQXTOTAL,SUM(M.CSXTOTAL) AS CSXTOTAL, ");
strSql.Append(" SUM(M.SZXTOTAL) AS SZXTOTAL,SUM(M.CYXTOTAL) AS CYXTOTAL,SUM(M.CCSTOTAL) AS CCSTOTAL, ");
strSql.Append("SUM(M.BJMPTOTAL) AS BJMPTOTAL,SUM(M.BFTOTAL) AS BFTOTAL");
strSql.Append(" from ");
strSql.Append(" (select A.BillNo,A.InsureBillNo,A.OrgCode,A.TruckNo,A.InsureBgnDate,A.InsureEndDate,(select LoadCount from tMsWlTruck where tMsWlTruck.TruckNo=A.TruckNo) as LoadCount, ");
strSql.Append("case when B.InsureType='0' then InsureTotal else 0 end as JqxTotal, ");
strSql.Append(" case when B.InsureType='1' then InsureTotal else 0 end as CsxTotal,");
strSql.Append("case when B.InsureType='2' then InsureTotal else 0 end as SzxTotal,");
strSql.Append("case when B.InsureType='3' then InsureTotal else 0 end as CyxTotal, ");
strSql.Append(" case when B.InsureType='4' then InsureTotal else 0 end as CcsTotal, ");
strSql.Append("case when B.InsureType='5' then InsureTotal else 0 end as BjmpTotal,");
strSql.Append("case when B.InsureType='6' then InsureTotal else 0 end as BfTotal ");
strSql.Append(" from tMsWlInsureHead A,tMsWlInsureBody B");
strSql.Append(" where A.BillNo=B.BillNo");
if (!string.IsNullOrEmpty(condition))
{
strSql.Append(" and " + condition);
}
strSql.Append(") M ");
strSql.Append(" group by M.BillNo,M.InsureBillNo,M.OrgCode,M.LoadCount,M.TruckNo,M.InsureBgnDate,M.InsureEndDate ");
var sortstring = DatasetSort.Getsortstring(sort);
if (!string.IsNullOrEmpty(sortstring))
{
strSql.Append(" order by " + sortstring);
}
var dbparams = new List<CustomDbParamter>();
var paramps_sSQL = new CustomDbParamter();
paramps_sSQL.ParameterName = "@sSQL";
paramps_sSQL.DbType = DbType.String;
paramps_sSQL.Direction = ParameterDirection.Input;
paramps_sSQL.Value = strSql.ToString();
dbparams.Add(paramps_sSQL);
var dbRptResult = PubSysDAL.GetMsSqlPrcDataSet("sMsExesqlQry", dbparams, "Result_Set");
var json = RptHelper.GetRptJsonResult(start, limit, dbRptResult, "Result_Set", true);
return new ContentResult() { Content = json };
/*
var dbparams = new List<CustomDbParamter>();
var paramps_TruckNo = new CustomDbParamter();
paramps_TruckNo.ParameterName = "@PS_TRUCKNO";
paramps_TruckNo.DbType = DbType.String;
paramps_TruckNo.Direction = ParameterDirection.Input;
paramps_TruckNo.Value = RptHelper.JsonGetValue(condition, "PS_TRUCKNO").ToString();
dbparams.Add(paramps_TruckNo);
var paramps_InsureBillNo = new CustomDbParamter();
paramps_InsureBillNo.ParameterName = "@PS_INSUREBILLNO";
paramps_InsureBillNo.DbType = DbType.String;
paramps_InsureBillNo.Direction = ParameterDirection.Input;
paramps_InsureBillNo.Value = RptHelper.JsonGetValue(condition, "PS_INSUREBILLNO").ToString();
dbparams.Add(paramps_InsureBillNo);
var paramps_OrgCode = new CustomDbParamter();
paramps_OrgCode.ParameterName = "@PS_ORGCODE";
paramps_OrgCode.DbType = DbType.String;
paramps_OrgCode.Direction = ParameterDirection.Input;
paramps_OrgCode.Value = RptHelper.JsonGetValue(condition, "PS_ORGCODE").ToString();
dbparams.Add(paramps_OrgCode);
var paramps_InsureBgnDateBgn = new CustomDbParamter();
paramps_InsureBgnDateBgn.ParameterName = "@PS_INSUREBGNDATEBGN";
paramps_InsureBgnDateBgn.DbType = DbType.String;
paramps_InsureBgnDateBgn.Direction = ParameterDirection.Input;
paramps_InsureBgnDateBgn.Value = RptHelper.JsonGetValue(condition, "PS_INSUREBGNDATEBGN").ToString();
dbparams.Add(paramps_InsureBgnDateBgn);
var paramps_InsureBgnDateEnd = new CustomDbParamter();
paramps_InsureBgnDateEnd.ParameterName = "@PS_INSUREBGNDATEEND";
paramps_InsureBgnDateEnd.DbType = DbType.String;
paramps_InsureBgnDateEnd.Direction = ParameterDirection.Input;
paramps_InsureBgnDateEnd.Value = RptHelper.JsonGetValue(condition, "PS_INSUREBGNDATEEND").ToString();
dbparams.Add(paramps_InsureBgnDateEnd);
var paramps_InsureEndDateBgn = new CustomDbParamter();
paramps_InsureEndDateBgn.ParameterName = "@PS_INSUREENDDATEBGN";
paramps_InsureEndDateBgn.DbType = DbType.String;
paramps_InsureEndDateBgn.Direction = ParameterDirection.Input;
paramps_InsureEndDateBgn.Value = RptHelper.JsonGetValue(condition, "PS_INSUREENDDATEBGN").ToString();
dbparams.Add(paramps_InsureEndDateBgn);
var paramps_InsureEndDateEnd = new CustomDbParamter();
paramps_InsureEndDateEnd.ParameterName = "@PS_INSUREENDDATEEND";
paramps_InsureEndDateEnd.DbType = DbType.String;
paramps_InsureEndDateEnd.Direction = ParameterDirection.Input;
paramps_InsureEndDateEnd.Value = RptHelper.JsonGetValue(condition, "PS_INSUREENDDATEEND").ToString();
dbparams.Add(paramps_InsureEndDateEnd);
var dbRptResult = PubSysDAL.GetMsSqlPrcDataSet("sMsRptInsure", dbparams, "Result_Set");
var json = RptHelper.GetRptJsonResult(start, limit, dbRptResult, "Result_Set", true);
return new ContentResult() { Content = json };
*/
}
public static string GetRangDAStr(string tb, string userid, string usercode, string orgcode)
{
string str = "";
var strSql = new StringBuilder();
strSql.Append("SELECT ");
strSql.Append(" VISIBLERANGE,OPERATERANGE ");
strSql.Append(" from VW_User_Authority ");
strSql.Append(" where [NAME]='modTruckCar' and USERID='" + userid + "' and ISDELETE=0");
string visiblerange = "4";
string operaterange = "4";
Database db = DatabaseFactory.CreateDatabase();
using (IDataReader reader = db.ExecuteReader(CommandType.Text, strSql.ToString()))
{
while (reader.Read())
{
visiblerange = Convert.ToString(reader["VISIBLERANGE"]);
operaterange = Convert.ToString(reader["OPERATERANGE"]);
break;
}
reader.Close();
}
if (visiblerange == "4")
{
str = "1=2";
}
else if (visiblerange == "3")
{
str = " UPPER(A.ORGCODE)='" + orgcode + "'";
}
else if (visiblerange == "2")
{
str = " UPPER(A.ORGCODE)='" + orgcode + "'";
}
else if (visiblerange == "1")
{
str = " UPPER(A.ORGCODE)='" + orgcode + "'";
}
return str;
}
#region 参照部分
#endregion
}
}