diff --git a/DSWeb/Areas/RptMng/Controllers/DemoController.cs b/DSWeb/Areas/RptMng/Controllers/DemoController.cs index 551f15f2..b449c255 100644 --- a/DSWeb/Areas/RptMng/Controllers/DemoController.cs +++ b/DSWeb/Areas/RptMng/Controllers/DemoController.cs @@ -24,7 +24,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/Demo/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition) { var dbparams = new List(); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptBulkTransController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptBulkTransController.cs index d617c374..5524f732 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptBulkTransController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptBulkTransController.cs @@ -25,7 +25,7 @@ namespace DSWeb.Areas.RptMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition,sort); @@ -35,7 +35,7 @@ namespace DSWeb.Areas.RptMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition,string sort=null) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptDjTransController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptDjTransController.cs index e82ad47c..b054bafb 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptDjTransController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptDjTransController.cs 
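Review bot: In MsRptBulkTransController.cs the second hunk puts `[SqlKeyWordsFilter(Type = "Action")]` on `private static List GetDataList(string strCondition,string sort=null)`, a helper called by the public action and not itself routable. If SqlKeyWordsFilter is an MVC action filter (its definition is not in this diff), it never runs there, so the attribute only suggests protection that is not applied. The helper takes `strCondition` as text and builds its query in a `StringBuilder`, so presumably the client-written condition is concatenated into the statement; the durable fix is to build the WHERE clause from known field names with `SqlParameter` values and keep the keyword denylist only as defence in depth. I would drop the attribute from the private helper and add a comment such as `// strCondition is client-supplied SQL text; it is only screened by SqlKeyWordsFilter on the calling action`. The same attribute-on-private-helper pattern appears in MsRptDjTransController, MsRptWlTransController, CityDistanceController and LTJYDistanceController, and the helper body continues outside the hunk.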
@@ -25,7 +25,7 @@ namespace DSWeb.Areas.RptMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition,sort); @@ -35,7 +35,7 @@ namespace DSWeb.Areas.RptMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition,string sort=null) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptDriverCheckController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptDriverCheckController.cs index ea07ff39..4befefeb 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptDriverCheckController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptDriverCheckController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptDriverCheck/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition, string sort) { diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptFuelQryController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptFuelQryController.cs index f592ec33..49762f7c 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptFuelQryController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptFuelQryController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptFuelQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptInsureController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptInsureController.cs index ca0e6320..8dd0fce2 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptInsureController.cs 
+++ b/DSWeb/Areas/RptMng/Controllers/MsRptInsureController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptInsure/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptKfWxQryController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptKfWxQryController.cs index 2176c497..8b872245 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptKfWxQryController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptKfWxQryController.cs @@ -26,7 +26,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptKfWxQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition) { var dbparams = new List(); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptPcHeadQryController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptPcHeadQryController.cs index 63b8219a..2efcc948 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptPcHeadQryController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptPcHeadQryController.cs @@ -29,11 +29,12 @@ namespace DSWeb.Areas.RptMng.Controllers { return View(); } - + // // GET:/RptMng/MsRptPcHeadQry/QryData - + //只显示含在托单下面的路单 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { @@ -163,6 +164,7 @@ namespace DSWeb.Areas.RptMng.Controllers } //也显示无所属托单的路单 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData_ADL( int start, int limit, string condition, string sort ) { var strDa = GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptTruckCheckController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptTruckCheckController.cs index 2bf798ca..fa6eaf04 100644 
--- a/DSWeb/Areas/RptMng/Controllers/MsRptTruckCheckController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptTruckCheckController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptTruckCheck/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition, string sort) { var strDa = GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptWlTransController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptWlTransController.cs index 99b917c9..49177a61 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptWlTransController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptWlTransController.cs @@ -24,7 +24,7 @@ namespace DSWeb.Areas.RptMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition); @@ -34,7 +34,7 @@ namespace DSWeb.Areas.RptMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptWlTyreQryController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptWlTyreQryController.cs index 857d191d..ca27de62 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptWlTyreQryController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptWlTyreQryController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptWlTyreQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { 
diff --git a/DSWeb/Areas/RptMng/Controllers/MsRptWxQryController.cs b/DSWeb/Areas/RptMng/Controllers/MsRptWxQryController.cs index 3be770f3..ace9a7bd 100644 --- a/DSWeb/Areas/RptMng/Controllers/MsRptWxQryController.cs +++ b/DSWeb/Areas/RptMng/Controllers/MsRptWxQryController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.RptMng.Controllers // // GET:/RptMng/MsRptWxQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { diff --git a/DSWeb/Areas/SoftMng/Controllers/FileInputHandlerController.cs b/DSWeb/Areas/SoftMng/Controllers/FileInputHandlerController.cs index e4a2977d..ceeda998 100644 --- a/DSWeb/Areas/SoftMng/Controllers/FileInputHandlerController.cs +++ b/DSWeb/Areas/SoftMng/Controllers/FileInputHandlerController.cs @@ -29,6 +29,11 @@ namespace DSWeb.SoftMng.Controllers var path = Server.MapPath(relativepath);//获取物理路径(按年月创建文件夹分类) if (!Directory.Exists(path)) Directory.CreateDirectory(path); var extension = Path.GetExtension(uploadFile.FileName); + if (extension == ".asp" || extension == ".aspx") + { + return Json(new { success = false }); + } + var filepath = "\\" + DateTime.Now.ToString("yyyyMMddHHmmssfff") + "_" + new Random().Next(100, 999) + extension;//随机生成文件名 path += filepath; if (System.IO.File.Exists(path)) System.IO.File.Delete(path); diff --git a/DSWeb/Areas/SoftMng/Controllers/MsInfoClientFeedbackController.cs b/DSWeb/Areas/SoftMng/Controllers/MsInfoClientFeedbackController.cs index ddbe47be..13b9da82 100644 --- a/DSWeb/Areas/SoftMng/Controllers/MsInfoClientFeedbackController.cs +++ b/DSWeb/Areas/SoftMng/Controllers/MsInfoClientFeedbackController.cs 
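Review bot: The new extension check in FileInputHandlerController.cs compares `extension` with `==` against exactly `.asp` and `.aspx`, so it is case-sensitive and rejects only those two spellings. Any other extension the server is configured to execute or interpret is still written under the `Server.MapPath` directory with its extension preserved. An allowlist is safer than growing the denylist: `if (string.IsNullOrEmpty(extension) || !AllowedUploadExtensions.Contains(extension)) { return Json(new { success = false }); }`, where `AllowedUploadExtensions` is a proposed static `HashSet<string>` built with `StringComparer.OrdinalIgnoreCase` and holding only the file types this upload feature needs. The check would also sit better before `Directory.CreateDirectory(path)`, so a rejected upload leaves no directory behind, and removing script handlers from the upload folder in the site configuration gives a second layer. The method starts and ends outside the hunk.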
@@ -30,6 +30,7 @@ namespace DSWeb.SoftMng.Controllers } #region 主列表查询 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsInfoClientFeedbackDAL.GetDataList(condition, Convert.ToString(Session["USERID"]).ToString().Trim(), Convert.ToString(Session["SHOWNAME"]).ToString().Trim(), Convert.ToString(Session["COMPANYID"]).ToString().Trim(), sort); @@ -37,7 +38,7 @@ namespace DSWeb.SoftMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string condition) { VW_Feedback_InfoEntity head = null; @@ -249,6 +250,7 @@ namespace DSWeb.SoftMng.Controllers #endregion #region 明细表查询 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetFeedbackInfoList(int start, int limit, string sort, string condition) { var dataList = MsInfoClientFeedbackDAL.GetFeedbackInfoList(condition, Convert.ToString(Session["USERID"]).ToString().Trim(), Convert.ToString(Session["SHOWNAME"]).ToString().Trim(), Convert.ToString(Session["COMPANYID"]).ToString().Trim(), sort); diff --git a/DSWeb/Areas/SoftMng/Controllers/MsSoftRequireController.cs b/DSWeb/Areas/SoftMng/Controllers/MsSoftRequireController.cs index 16b08ef7..8d76b1fd 100644 --- a/DSWeb/Areas/SoftMng/Controllers/MsSoftRequireController.cs +++ b/DSWeb/Areas/SoftMng/Controllers/MsSoftRequireController.cs @@ -42,7 +42,7 @@ namespace DSWeb.SoftMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { if (Session["FilterProjectId"] != null && !string.IsNullOrWhiteSpace(Session["FilterProjectId"].ToString())) 
@@ -59,7 +59,7 @@ namespace DSWeb.SoftMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListStr(string sort, string condition) { var dataListStr = MsSoftRequireDAL.GetDataListStr(condition, sort); @@ -69,7 +69,7 @@ namespace DSWeb.SoftMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { SoftRequire head = null; diff --git a/DSWeb/Areas/SoftMng/Controllers/MsSoftSysTableController.cs b/DSWeb/Areas/SoftMng/Controllers/MsSoftSysTableController.cs index 02277c92..9984e4dc 100644 --- a/DSWeb/Areas/SoftMng/Controllers/MsSoftSysTableController.cs +++ b/DSWeb/Areas/SoftMng/Controllers/MsSoftSysTableController.cs @@ -39,7 +39,7 @@ namespace DSWeb.SoftMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsSoftSysTableDAL.GetDataList(condition, sort); @@ -48,10 +48,10 @@ namespace DSWeb.SoftMng.Controllers return new ContentResult() { Content = json }; } - + // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { sys_table head = null; diff --git a/DSWeb/Areas/SoftMng/Controllers/MsSoftUpGradeController.cs b/DSWeb/Areas/SoftMng/Controllers/MsSoftUpGradeController.cs index 2348a8ed..6747be41 100644 --- a/DSWeb/Areas/SoftMng/Controllers/MsSoftUpGradeController.cs +++ b/DSWeb/Areas/SoftMng/Controllers/MsSoftUpGradeController.cs 
@@ -46,7 +46,7 @@ namespace DSWeb.SoftMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsSoftUpGradeDAL.GetDataList(condition, sort); @@ -54,7 +54,7 @@ namespace DSWeb.SoftMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetUpDateLogList(int start, int limit, string sort, string condition) { var dataList = MsSoftUpGradeDAL.GetUpDateLogList(condition, sort); @@ -66,7 +66,7 @@ namespace DSWeb.SoftMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { sys_update_sql head = null; diff --git a/DSWeb/Areas/SysMng/Controllers/DBTableConnController.cs b/DSWeb/Areas/SysMng/Controllers/DBTableConnController.cs index 07a6a5d4..4a247b13 100644 --- a/DSWeb/Areas/SysMng/Controllers/DBTableConnController.cs +++ b/DSWeb/Areas/SysMng/Controllers/DBTableConnController.cs @@ -30,7 +30,7 @@ namespace DSWeb.Areas.SysMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { @@ -50,7 +50,7 @@ namespace DSWeb.Areas.SysMng.Controllers }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { Dictionary head = new Dictionary(); 
@@ -167,7 +167,7 @@ namespace DSWeb.Areas.SysMng.Controllers return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(int start, int limit, string sort, string condition) { var dataList = DBTableConnDAL.GetBodyList(condition, sort); diff --git a/DSWeb/Areas/SysMng/Controllers/EnumController.cs b/DSWeb/Areas/SysMng/Controllers/EnumController.cs index 708595a7..10758083 100644 --- a/DSWeb/Areas/SysMng/Controllers/EnumController.cs +++ b/DSWeb/Areas/SysMng/Controllers/EnumController.cs @@ -38,7 +38,7 @@ namespace DSWeb.Areas.SysMng.Controllers // // GET:/TruckMng/Enum/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = EnumDAL.GetDataList(condition); @@ -51,7 +51,7 @@ namespace DSWeb.Areas.SysMng.Controllers // // GET:/TruckMng/Enum/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { SysEnumType headData = null; @@ -123,7 +123,7 @@ namespace DSWeb.Areas.SysMng.Controllers var jsonRespose = new JsonResponse { Success = result.Success, Message = result.Message }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(string billno) { var condition = " EnumTypeID=" + billno; diff --git a/DSWeb/Areas/SysMng/Controllers/SysTaskController.cs b/DSWeb/Areas/SysMng/Controllers/SysTaskController.cs index f618b199..e42e6464 100644 --- a/DSWeb/Areas/SysMng/Controllers/SysTaskController.cs +++ b/DSWeb/Areas/SysMng/Controllers/SysTaskController.cs 
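Review bot: In EnumController.cs `GetBodyList(string billno)` concatenates the request value straight into SQL text, `var condition = " EnumTypeID=" + billno;`, so the added keyword filter is the only check between the request and the statement. A keyword denylist does not make an unquoted, concatenated value safe. If EnumTypeID is numeric (the column type is not visible in this diff), validate before use, e.g. `int enumTypeId; if (!int.TryParse(billno, out enumTypeId)) { /* return a failure response */ }` followed by `var condition = " EnumTypeID=" + enumTypeId;`; otherwise pass the value to the DAL as a bound query parameter. The rest of the method is outside the hunk.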
@@ -36,7 +36,7 @@ namespace DSWeb.Areas.SysMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetTaskState(int start, int limit, string sort, string condition) { var dataList = SysTaskDAL.GetTaskState(condition); @@ -66,6 +66,7 @@ namespace DSWeb.Areas.SysMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetTaskExecution(int start, int limit, string sort, string condition) { var dataList = SysTaskDAL.GetTaskExecution(condition); @@ -75,6 +76,7 @@ namespace DSWeb.Areas.SysMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetTaskProgressIndex(int start, int limit, string sort, string condition) { var dataList = SysTaskDAL.GetTaskProgressIndex(condition); diff --git a/DSWeb/Areas/SysMng/Controllers/SysUserController.cs b/DSWeb/Areas/SysMng/Controllers/SysUserController.cs index f6360200..f5c888a2 100644 --- a/DSWeb/Areas/SysMng/Controllers/SysUserController.cs +++ b/DSWeb/Areas/SysMng/Controllers/SysUserController.cs @@ -49,6 +49,7 @@ namespace DSWeb.Areas.SysMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { 
@@ -66,7 +67,7 @@ namespace DSWeb.Areas.SysMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; }*/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { SysUserMC head = new SysUserMC(); diff --git a/DSWeb/Areas/SysMng/Controllers/USERINFOController.cs b/DSWeb/Areas/SysMng/Controllers/USERINFOController.cs index 3bfe8fc4..c0ccbedc 100644 --- a/DSWeb/Areas/SysMng/Controllers/USERINFOController.cs +++ b/DSWeb/Areas/SysMng/Controllers/USERINFOController.cs @@ -45,7 +45,7 @@ namespace DSWeb.Areas.SysMng.Controllers // // GET:/TruckMng/Enum/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { diff --git a/DSWeb/Areas/TruckMng/Controllers/BasicDataRefController.cs b/DSWeb/Areas/TruckMng/Controllers/BasicDataRefController.cs index b22cca40..499898f7 100644 --- a/DSWeb/Areas/TruckMng/Controllers/BasicDataRefController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/BasicDataRefController.cs @@ -23,6 +23,7 @@ namespace DSWeb.Areas.CommMng.Controllers { #region 良通捷运 目的地列表 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetDetiNation_LTJY(string condition) { var evList = TruckBasicDataRefDAL.GetDetiNation_LTJY(condition, Convert.ToString(Session["USERID"])); @@ -38,6 +39,7 @@ namespace DSWeb.Areas.CommMng.Controllers #endregion #region 将带逗号的内容拆成单个,并将出现频率最高的放置在最前。参数为(表名 列名 查询条件) + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetCommaWord(string tablename ,string columnname, string condition) { var evList = TruckBasicDataRefDAL.GetCommaWord(tablename, columnname,condition, Convert.ToString(Session["USERID"])); 
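Review bot: `GetCommaWord(string tablename ,string columnname, string condition)` in BasicDataRefController.cs forwards a client-chosen table name and column name to `TruckBasicDataRefDAL.GetCommaWord`, and a keyword filter cannot decide whether an identifier is one this endpoint should expose. How the DAL uses them is not shown in this diff, but identifiers cannot be bound as query parameters, so they are presumably spliced into the statement text. I would check both values against a fixed allowlist of table/column pairs this endpoint is meant to serve before calling the DAL, and document it on the action with a comment such as `// tablename/columnname must match an allowlisted pair; request values are never used directly as SQL identifiers`. The method body continues outside the hunk.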
diff --git a/DSWeb/Areas/TruckMng/Controllers/CityDistanceController.cs b/DSWeb/Areas/TruckMng/Controllers/CityDistanceController.cs index 962d9d24..21900adf 100644 --- a/DSWeb/Areas/TruckMng/Controllers/CityDistanceController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/CityDistanceController.cs @@ -33,7 +33,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition,sort); @@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition, string sort) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/TruckMng/Controllers/KfCgController.cs b/DSWeb/Areas/TruckMng/Controllers/KfCgController.cs index 6e7e108a..e511f4c9 100644 --- a/DSWeb/Areas/TruckMng/Controllers/KfCgController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/KfCgController.cs @@ -40,6 +40,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/KfCg/GetDataList + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetDataList(int start, int limit, string sort, string condition) { @@ -52,7 +53,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/KfCg/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetData(string handle, string condition) { KfCgHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/LTJYDistanceController.cs b/DSWeb/Areas/TruckMng/Controllers/LTJYDistanceController.cs index f135552a..bf8bd942 100644 --- a/DSWeb/Areas/TruckMng/Controllers/LTJYDistanceController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/LTJYDistanceController.cs 
@@ -33,7 +33,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition,sort); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition, string sort) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsChFeeController.cs b/DSWeb/Areas/TruckMng/Controllers/MsChFeeController.cs index 3ed4b9e1..d7782672 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsChFeeController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsChFeeController.cs @@ -16,7 +16,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { // // GET: /TruckMng/MsChFee/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(string billno) { string userid = Session["USERID"] == null ? "" : Session["USERID"].ToString(); @@ -25,7 +25,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList_bycondition(string condition) { string userid = Session["USERID"] == null ? "" : Session["USERID"].ToString(); 
@@ -34,7 +34,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList(string billno) { string userid = Session["USERID"] == null ? "" : Session["USERID"].ToString(); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList_ALL(string billno) { string userid = Session["USERID"] == null ? "" : Session["USERID"].ToString(); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsCodeTruckPortController.cs b/DSWeb/Areas/TruckMng/Controllers/MsCodeTruckPortController.cs index 11d9a924..f0bf31c0 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsCodeTruckPortController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsCodeTruckPortController.cs @@ -31,7 +31,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(string condition,string sort) { var dataList = MsCodeTruckPortDAL.GetDataList(condition, Convert.ToString(Session["COMPANYID"]), sort); @@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListRm(string CODENAME="",string condition="") { if (CODENAME == "") 
@@ -62,7 +62,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { CodeTruckPort head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsCustTruckConsigneeController.cs b/DSWeb/Areas/TruckMng/Controllers/MsCustTruckConsigneeController.cs index 34bb292c..0ee0cbcd 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsCustTruckConsigneeController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsCustTruckConsigneeController.cs @@ -36,7 +36,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsCustTruckConsigneeDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), Convert.ToString(Session["COMPANYID"]), sort); @@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListRm(string CODENAME = "", string condition = "") { if (CODENAME == "") @@ -67,7 +67,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { CodeTruckConsignee head = null; 
@@ -125,7 +125,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var jsonRespose = new JsonResponse { Success = result.Success, Message = result.Message }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetTruckList(string condition, string CODENAME = "") { if (CODENAME == "") diff --git a/DSWeb/Areas/TruckMng/Controllers/MsCustTruckFeeTemplateController.cs b/DSWeb/Areas/TruckMng/Controllers/MsCustTruckFeeTemplateController.cs index e41b1846..7991d884 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsCustTruckFeeTemplateController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsCustTruckFeeTemplateController.cs @@ -41,7 +41,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET: - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsCustTruckFeeTempldateDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), Convert.ToString(Session["COMPANYID"]), sort); @@ -49,7 +49,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList(int start, int limit, string sort, string condition, string isaudit) { var dataList = MsCustTruckFeeTempldateDAL.GetAuditDataList(condition, isaudit, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -60,7 +60,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { CustTruckFeeTemplate head = null; 
@@ -85,7 +85,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(int start, int limit, string sort, string condition) { var dataList = MsCustTruckFeeTempldateDAL.GetBodyList(condition, sort); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsJhSparepartController.cs b/DSWeb/Areas/TruckMng/Controllers/MsJhSparepartController.cs index c67cc1e0..4a332dba 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsJhSparepartController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsJhSparepartController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsJhSparepart/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsJhSparepartDAL.GetDataList(condition); @@ -42,7 +42,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsJhSparepart/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsJhSparepart head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsKfBzWxController.cs b/DSWeb/Areas/TruckMng/Controllers/MsKfBzWxController.cs index 6cbfe28e..a00b2af6 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsKfBzWxController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsKfBzWxController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfBzWx/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsKfBzWxDAL.GetDataList(condition); @@ -42,7 +42,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfBzWx/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsKfBzWx head = null; 
diff --git a/DSWeb/Areas/TruckMng/Controllers/MsKfJhController.cs b/DSWeb/Areas/TruckMng/Controllers/MsKfJhController.cs index a62fa303..ddfbf2e0 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsKfJhController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsKfJhController.cs @@ -87,7 +87,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { string contmp = null; @@ -110,7 +110,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetDataListTyre - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListTyre(int start, int limit, string sort, string condition) { string contmp = null; @@ -133,7 +133,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetDataListTyre - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListTyreGd(int start, int limit, string sort, string condition) { string contmp = null; @@ -156,7 +156,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataTyre(string handle, string condition) { MsKfJhHead headData = null; @@ -183,7 +183,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataTyreGd(string handle, string condition) { MsKfJhHead headData = null; @@ -210,7 +210,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfJh/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsKfJhHead headData = null; 
@@ -302,7 +302,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyInfoList(string condition) { List list = MsKfJhDAL.GetBodyList(condition); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsKfLyController.cs b/DSWeb/Areas/TruckMng/Controllers/MsKfLyController.cs index 828c37d8..973923b1 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsKfLyController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsKfLyController.cs @@ -71,7 +71,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfLy/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { string contmp = null; @@ -93,7 +93,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfLy/GetDataListTyre - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListTyre(int start, int limit, string sort, string condition) { string contmp = null; @@ -115,7 +115,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfLy/GetDataTyre/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataTyre(string handle, string condition) { MsKfLyHead headData = null; @@ -142,7 +142,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfLy/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsKfLyHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsKfWxController.cs b/DSWeb/Areas/TruckMng/Controllers/MsKfWxController.cs index db55f3c7..dc2e05fe 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsKfWxController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsKfWxController.cs 
@@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfWx/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsKfWxDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -52,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsKfWx/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsKfWxHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsLsKcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsLsKcController.cs index 38e42490..76291f8a 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsLsKcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsLsKcController.cs @@ -30,7 +30,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsKc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsLsKcDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsKc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsLsKc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsLsKcPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsLsKcPcController.cs index 6f4d5c1b..f5c4fca9 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsLsKcPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsLsKcPcController.cs 
@@ -28,7 +28,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsKcPc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsLsKcPcDAL.GetDataList(condition); @@ -41,7 +41,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsKcPc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsLsKcPc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsLsPluAccController.cs b/DSWeb/Areas/TruckMng/Controllers/MsLsPluAccController.cs index 234f1397..2ec97c06 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsLsPluAccController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsLsPluAccController.cs @@ -31,7 +31,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsPluAcc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsLsPluAccDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsLsPluAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsLsPluAcc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsMlieageController.cs b/DSWeb/Areas/TruckMng/Controllers/MsMlieageController.cs index 6a2f75da..ce96e8ad 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsMlieageController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsMlieageController.cs 
@@ -29,7 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsMlieage/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsMlieageDAL.GetDataList(condition); @@ -42,7 +42,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsMlieage/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsMlieage head = null; @@ -64,7 +64,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataSum(string handle, string condition) { MsMlieageSum head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkController.cs b/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkController.cs index 295534ce..92300781 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkController.cs @@ -86,7 +86,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsOpTruckBulkDAL.GetDataList(start, limit,condition, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -95,7 +95,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList(int start, int limit, string sort, string condition,string isaudit) { var dataList = MsOpTruckBulkDAL.GetAuditDataList(condition, isaudit,Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); 
@@ -103,7 +103,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAmendDataList(int start, int limit, string sort, string condition) { var dataList = MsOpTruckBulkDAL.GetAmendDataList(condition, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -111,7 +111,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListStr(string sort, string condition) { var dataListStr = MsOpTruckBulkDAL.GetDataListStr(condition, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -119,7 +119,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(int start, int limit, string sort, string condition) { var dataList = MsOpTruckBulkDAL.GetBodyList(condition, sort); @@ -128,7 +128,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsOpTruckBulk head = null; 
@@ -155,7 +155,7 @@ namespace DSWeb.Areas.TruckMng.Controllers new { Success = true, Message = "查询成功", data = head }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAmendData(string condition) { MsOpTruckBulk head = null; @@ -1346,7 +1346,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult RptLRData(int start, int limit, string condition,string sort, string printstr, string sortstr) { var strDa = MsOpTruckBulkDAL.GetRpRangDAStr("index", Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"])); @@ -1445,7 +1445,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult RptSumLRData(int start, int limit, string condition, string sort, string printstr, string sortstr) { var strDa = MsOpTruckBulkDAL.GetRpRangDAStr("index", Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"])); @@ -1544,7 +1544,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult RptCtnLRData(int start, int limit, string condition, string sort, string printstr, string sortstr) { var strDa = MsOpTruckBulkDAL.GetRpRangDAStr("index", Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"])); 
@@ -1646,7 +1646,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult RptCtnSumLRData(int start, int limit, string condition, string sort, string printstr, string sortstr) { var strDa = MsOpTruckBulkDAL.GetRpRangDAStr("index", Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"])); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkPcController.cs index 3aada148..21f5743b 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsOpTruckBulkPcController.cs @@ -64,7 +64,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsOpTruckBulkPcDAL.GetDataList(start, limit, condition, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -72,7 +72,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList(int start, int limit, string sort, string condition, string isaudit) { var dataList = MsOpTruckBulkPcDAL.GetAuditDataList(condition, isaudit, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); 
@@ -80,7 +80,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataListStr(string sort, string condition) { var dataListStr = MsOpTruckBulkPcDAL.GetDataListStr(condition, Convert.ToString(Session["USERID"]), Convert.ToString(Session["SHOWNAME"]), Convert.ToString(Session["COMPANYID"]), sort); @@ -88,7 +88,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(int start, int limit, string sort, string condition) { var dataList = MsOpTruckBulkPcDAL.GetBodyList(condition, sort); @@ -97,7 +97,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsOpTruckBulkPc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadEditController.cs b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadEditController.cs index 2fd19a9a..b928a067 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadEditController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadEditController.cs 
@@ -38,7 +38,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList ( int start, int limit, string sort, string condition ) { var dataList = MsRptPcHeadEditDAL.GetDataList(condition,CookieConfig.GetCookie_UserId(Request), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_UserName(Request), CookieConfig.GetCookie_CompanyId(Request), sort); @@ -122,7 +122,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetMuDiDi ( int start, int limit, string sort, string condition ) { var dataList = MsRptPcHeadEditDAL.GetMuDiDi(condition, sort); @@ -132,7 +132,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetShifadi ( int start, int limit, string sort, string condition ) { var dataList = MsRptPcHeadEditDAL.GetShiFaDi(condition, sort); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadOperateController.cs b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadOperateController.cs index d6b29bad..f01ce02b 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadOperateController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadOperateController.cs 
@@ -30,11 +30,12 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + // // GET:/RptMng/MsRptPcHeadQry/QryData //显示无所属托单的路单 用于烟台爱德林项目 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData_ADL ( int start, int limit, string condition, string sort ) { var strDa = GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadQryController.cs b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadQryController.cs index a1d2abd1..acf82a99 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadQryController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsRptPcHeadQryController.cs @@ -30,10 +30,10 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + // // GET:/RptMng/MsRptPcHeadQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { diff --git a/DSWeb/Areas/TruckMng/Controllers/MsTruckPluController.cs b/DSWeb/Areas/TruckMng/Controllers/MsTruckPluController.cs index e4b2b6b0..79bdd6c6 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsTruckPluController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsTruckPluController.cs @@ -30,7 +30,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsTruckPlu/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsTruckPluDAL.GetDataList(condition,sort); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsTruckPlu/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsTruckPlu head = null; 
diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBsAuditController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBsAuditController.cs index 9fac288c..9576096b 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBsAuditController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBsAuditController.cs @@ -23,7 +23,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlBsAuditDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBsController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBsController.cs index 0ce6dc60..1ec6e4c7 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBsController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBsController.cs @@ -59,7 +59,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlBsDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -69,7 +69,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetAuditDataList(int start, int limit, string sort, string condition, string isaudit) { var dataList = MsWlBsDAL.GetAuditDataList(condition, isaudit, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request), sort); 
@@ -79,7 +79,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetListSum(string condition) { var rangstr = MsWlPcDAL.GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -124,7 +124,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlBsCard/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlBsHead head = null; @@ -289,6 +289,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } #region 明细表部分 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetCtnBodyList(string billno) { var condition = " BillNo='" + billno + "'"; @@ -296,14 +297,14 @@ namespace DSWeb.Areas.TruckMng.Controllers return Json(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetCtnBodyList2(string condition) { List list = MsWlBsDAL.GetCtnBodyList(condition); return Json(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetFeeBodyList(string billno) { var condition = " BillNo='" + billno + "'"; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBsCtnController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBsCtnController.cs index 66d8e400..7ca728ed 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBsCtnController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBsCtnController.cs 
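Review bot: `GetCtnBodyList` and `GetFeeBodyList` build the predicate by concatenating the request value, `var condition = " BillNo='" + billno + "'";`, and the added attribute leaves that line as it is. The value is therefore still interpreted as SQL text rather than data, and whether the keyword filter rejects every problematic input cannot be seen from this diff. The fix belongs where the query is built: pass `billno` as a value and bind it, with the SQL text fixed as `BillNo=@billno`, which needs a DAL overload that accepts parameters. `MsWlPcController.GetDataList(string refbillno)` and `GetSBPC` later in this commit concatenate `refbillno` the same way, several times within one statement. Both method bodies here continue outside their hunks.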
@@ -61,7 +61,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlBsDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -71,7 +71,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetListSum(string condition) { var rangstr = MsWlPcDAL.GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -116,7 +116,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlBsCard/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlBsHead head = null; @@ -141,7 +141,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetPcBodyList(string condition,string sort) { var list = MsWlBsDAL.GetPcBodyList(condition,sort); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBs_HTController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBs_HTController.cs index 9edb128f..9527f03e 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBs_HTController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBs_HTController.cs 
@@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlBs_HTDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request), sort); @@ -57,7 +57,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlBsCard/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlBsHead head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBulkController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBulkController.cs index 53be7365..f5537b73 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBulkController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBulkController.cs @@ -33,7 +33,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlBulk/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlBulkDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -46,7 +46,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlBulk/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlBulkHead head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlBulkPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlBulkPcController.cs index dfce2ea8..308398d6 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlBulkPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlBulkPcController.cs 
@@ -56,11 +56,11 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + // // GET:/TruckMng/MsWlBulkPc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var sqlwhere = condition; @@ -75,7 +75,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataQueryList(int start, int limit, string sort, string condition) { var sqlwhere = condition; @@ -90,7 +90,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = dataList.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetChacheDataList(int start, int limit, string sort, string condition) { var sqlwhere = condition; @@ -109,7 +109,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlBulkPc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlPcHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlCheckAccController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlCheckAccController.cs index 84a91408..730e831d 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlCheckAccController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlCheckAccController.cs @@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlCheckAcc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { 
@@ -71,7 +71,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataPcList(int start, int limit, string sort, string condition) { var dataList = MsWlCheckAccDAL.GetDataPcList(condition); @@ -97,7 +97,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } // // GET:/TruckMng/MsWlCheckAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlCheckAcc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlCkController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlCkController.cs index 8319e82e..c63569b4 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlCkController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlCkController.cs @@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlCk/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlCkDAL.GetDataList(condition); @@ -52,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlCk/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlCkHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlDjController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlDjController.cs index 12cfc36d..87864957 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlDjController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlDjController.cs 
@@ -31,7 +31,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDj/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlDjDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -44,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDj/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlDjHead head = null; @@ -65,7 +65,7 @@ namespace DSWeb.Areas.TruckMng.Controllers new { Success = true, Message = "查询成功", data = head }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDetailDataList(int start, int limit, string sort, string condition) { var dataList = MsWlDjDAL.GetDetailDataList(condition); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlDjPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlDjPcController.cs index 8b61a9c0..c5e84f72 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlDjPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlDjPcController.cs @@ -40,7 +40,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDjPc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var sqlwhere = condition; @@ -58,7 +58,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDjPc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlPcHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlDriverController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlDriverController.cs index 57e62dbd..43c100be 100644 
--- a/DSWeb/Areas/TruckMng/Controllers/MsWlDriverController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlDriverController.cs @@ -54,7 +54,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDriver/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlInsureController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlInsureController.cs index e80be11e..8c5443c7 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlInsureController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlInsureController.cs @@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlInsure/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlInsureDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -52,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlInsure/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlInsureHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlInsureLtdController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlInsureLtdController.cs index ec6cd57a..4ed491d4 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlInsureLtdController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlInsureLtdController.cs @@ -29,7 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlInsureLtd/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlInsureLtdDAL.GetDataList(condition); 
@@ -42,7 +42,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlInsureLtd/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlInsureLtd head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlPcController.cs index 72b90feb..a0789294 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlPcController.cs @@ -40,7 +40,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET: /TruckMng/MsWlPc/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(string refbillno) { var condition = " RefBillNo='" + refbillno + "' or BILLNO in(select PC_BILLNO from BS_PC_Status where BS_BILLNO='" + refbillno + "')";// or RefBillNoSe='" + refbillno + "'"; @@ -49,7 +49,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList_ADL ( int start, int limit, string sort, string condition ) { //var condition = " RefBillNo='" + refbillno + "'";// or RefBillNoSe='" + refbillno + "'"; @@ -61,6 +61,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetListSum(string condition) { var rangstr = MsWlPcDAL.GetRangDAStr("index", Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); 
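Review bot: In MsWlPcController, `GetDataList(string refbillno)` still concatenates the request value into the query text (`" RefBillNo='" + refbillno + "' or BILLNO in(select PC_BILLNO ..."`), so the new attribute is the only check between the parameter and the SQL. Here the value is a single scalar, so it can be bound instead of filtered: write the fragment as `RefBillNo=@refbillno` and pass `refbillno` to the DAL as a command parameter. The same concatenation is visible in `GetSBPC` in this file, in `GetBodyList(string billno)` in MsWlRkController (`" BillNo='" + billno + "' "`) and in `GetLineDetailList` in MsWl_LK_LineController (`" LINE_GID='" + LINE_GID + "' "`). The DAL calls that consume these strings are outside the hunks, so the parameter plumbing would have to be added there as well.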
@@ -101,6 +102,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } //用于查找可以用来添加双背的路单 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetSBPC(string condition,string refbillno) { var _condition = " RefBillNo<>'" + refbillno + "' and BILLNO not in(select PC_BILLNO from BS_PC_Status where BS_BILLNO='" + refbillno + "') and expdate=(select NeedArriveDate from tmswlbshead where billno='" + refbillno + "')";// or RefBillNoSe='" + refbillno + "'"; @@ -116,7 +118,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlPc/GetData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition, string refbillno) { MsWlPcHead pcHead = null; @@ -168,7 +170,7 @@ namespace DSWeb.Areas.TruckMng.Controllers new { Success = true, Message = "查询成功", data = pcHead }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData_ADL ( string handle, string condition, string refbillno ) { MsWlPcHead_ADL pcHead = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlPcHeadController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlPcHeadController.cs index 6c1802e2..35e5599e 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlPcHeadController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlPcHeadController.cs @@ -33,7 +33,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlPcHead/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlPcHeadDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); 
@@ -46,7 +46,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlPcHead/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlPcHead head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlRkController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlRkController.cs index aaa1b4b2..15b79e9f 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlRkController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlRkController.cs @@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlRk/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlRkDAL.GetDataList(condition); @@ -52,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlRk/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlRkHead headData = null; @@ -134,7 +134,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var jsonRespose = new JsonResponse { Success = result.Success, Message = result.Message }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(string billno) { var condition = " BillNo='" + billno + "' "; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckController.cs index ba35b29f..d112e942 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckController.cs 
@@ -38,7 +38,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTruckDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); @@ -51,7 +51,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTruck head = null; @@ -156,7 +156,7 @@ namespace DSWeb.Areas.TruckMng.Controllers #endregion - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 // public ContentResult GetTruckMonthList ( string condition ) { diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckFeeController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckFeeController.cs index f5842f4c..82ec97ee 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckFeeController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckFeeController.cs @@ -34,6 +34,7 @@ namespace DSWeb.Areas.TruckMng.Controllers #region 车辆其他费用记录 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var USERID = Convert.ToString(CookieConfig.GetCookie_UserId(Request)); @@ -46,6 +47,8 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string condition) { MsWlTruckFee head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckTeamController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckTeamController.cs index 5ed85556..4cfc9101 100644 
--- a/DSWeb/Areas/TruckMng/Controllers/MsWlTruckTeamController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTruckTeamController.cs @@ -34,7 +34,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTruckDAL.GetTruckTeamList(condition, sort); @@ -48,7 +48,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTruck head = null; @@ -134,7 +134,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = _r, data = "" }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetTruckNoList(string condition) { var list = MsWlTruckDAL.GetTruckNoList(Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreAccController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreAccController.cs index f459808b..af148d7f 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreAccController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreAccController.cs @@ -30,7 +30,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTyreAccDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request),sort); 
@@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyreAcc head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreCkController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreCkController.cs index a4731c6d..4fb770ac 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreCkController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreCkController.cs @@ -29,6 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreCk/GetDataList + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { @@ -42,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreCk/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyreCk head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreController.cs index a68985b9..5e38edd8 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreController.cs @@ -30,6 +30,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyre/GetDataList + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { @@ -43,7 +44,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyre/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyre head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreRepController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreRepController.cs index 777f3056..daacb19d 100644 
--- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreRepController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreRepController.cs @@ -39,7 +39,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreRep/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTyreRepDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -52,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreRep/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyreRepHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreScrapController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreScrapController.cs index cd974de5..b9dc57fb 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreScrapController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreScrapController.cs @@ -30,7 +30,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreScrap/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTyreScrapDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreScrap/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyreScrap head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreWxController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreWxController.cs index 6daaaffc..72e6287a 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWlTyreWxController.cs 
+++ b/DSWeb/Areas/TruckMng/Controllers/MsWlTyreWxController.cs @@ -34,7 +34,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreWx/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWlTyreWxDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request)); @@ -47,7 +47,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTyreWx/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlTyreWx head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_ADL_FuelTruckListController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_ADL_FuelTruckListController.cs index a8f07687..eb20ac16 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_ADL_FuelTruckListController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_ADL_FuelTruckListController.cs @@ -41,7 +41,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList ( int start, int limit, string sort, string condition ) { var dataList = MsWl_ADLDAL.GetDataList(condition, sort); @@ -51,6 +51,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWl_ADLFuelmb headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZYController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZYController.cs index 09ce964a..ffdf8b92 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZYController.cs 
+++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZYController.cs @@ -41,6 +41,8 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetDataList #endregion + + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWl_HH_ZYDAL.GetDataList(condition, sort); @@ -50,7 +52,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList_2(int start, int limit, string sort, string condition) { var dataList = MsWl_HH_ZYDAL.GetDataList_2(condition, sort); @@ -63,7 +65,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWl_HH_ZYmb head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZY_AuditController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZY_AuditController.cs index 8b38ebb3..de1f1517 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZY_AuditController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_HH_ZY_AuditController.cs @@ -40,7 +40,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWl_HH_ZYDAL.GetDataList(condition, sort); 
@@ -50,7 +50,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList_2(int start, int limit, string sort, string condition) { var dataList = MsWl_HH_ZYDAL.GetDataList_2(condition, sort); @@ -63,7 +63,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWl_HH_ZYmb head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierController.cs index 804660ca..6d191e14 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierController.cs @@ -50,7 +50,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } // // GET:/RptMng/MsRptPcHeadQry/QryData - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult QryData(int start, int limit, string condition,string sort) { @@ -208,7 +208,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return str; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition, sort); @@ -218,7 +218,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 static public List GetDataList( string condition,string sort) { var strSql = new StringBuilder(); 
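Review bot: The attribute added to `static public List GetDataList( string condition,string sort)` in MsWl_HaierController most likely never executes, because MVC runs action filters only when it dispatches a public instance action, and this static helper is called directly by the action above it (`GetDataList(condition, sort)`). Assuming `SqlKeyWordsFilter` is an ordinary action filter (its definition is not in this diff), the annotation gives a false impression of coverage. I would remove it from the helper and state the contract instead, e.g. `// not an MVC action: callers must pass an already-validated condition`. The same applies to the `static public ... GetData(string condition)` methods in MsWl_HaierController and MsWl_HaierMainController, to `static public List GetDataList` in MsWl_HaierMainController, and to the `private static` `GetDataList` and `GetLineDetailList` helpers in MsWl_LK_LineController.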
@@ -245,28 +245,28 @@ namespace DSWeb.Areas.TruckMng.Controllers } return SetData(strSql); } -/* - public ContentResult GetData(string condition) - { - MsWlPcHead head = null; - + /* + public ContentResult GetData(string condition) + { + MsWlPcHead head = null; - var _t = ""; - var list = GetDataList(condition, _t); - if (list.Count > 0) - head = list[0]; - if (head == null) - { - head = new MsWlPcHead(); - } + var _t = ""; + var list = GetDataList(condition, _t); + if (list.Count > 0) + head = list[0]; - var json = JsonConvert.Serialize( - new { Success = true, Message = "查询成功", data = head }); - return new ContentResult() { Content = json }; + if (head == null) + { + head = new MsWlPcHead(); + } - }*/ + var json = JsonConvert.Serialize( + new { Success = true, Message = "查询成功", data = head }); + return new ContentResult() { Content = json }; + }*/ + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 static public MsWlPcHead GetData(string condition) { var _t = ""; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierMainController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierMainController.cs index 57e73c03..ae9ac20c 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierMainController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_HaierMainController.cs @@ -131,7 +131,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return str; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition, sort); @@ -141,7 +141,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 static public List GetDataList(string condition, string sort) { var strSql = new StringBuilder(); 
@@ -164,28 +164,28 @@ namespace DSWeb.Areas.TruckMng.Controllers } return SetData(strSql); } -/* - public ContentResult GetData(string condition) - { - MsWlPcHead head = null; - + /* + public ContentResult GetData(string condition) + { + MsWlPcHead head = null; - var _t = ""; - var list = GetDataList(condition, _t); - if (list.Count > 0) - head = list[0]; - if (head == null) - { - head = new MsWlPcHead(); - } + var _t = ""; + var list = GetDataList(condition, _t); + if (list.Count > 0) + head = list[0]; - var json = JsonConvert.Serialize( - new { Success = true, Message = "查询成功", data = head }); - return new ContentResult() { Content = json }; + if (head == null) + { + head = new MsWlPcHead(); + } - }*/ + var json = JsonConvert.Serialize( + new { Success = true, Message = "查询成功", data = head }); + return new ContentResult() { Content = json }; + }*/ + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 static public MsWl_HaierMain GetData(string condition) { var _t = ""; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_LKPcController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_LKPcController.cs index 8e59a264..39e16835 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_LKPcController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_LKPcController.cs @@ -50,7 +50,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDjPc/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var sqlwhere = condition; @@ -68,7 +68,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlDjPc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWl_LKPCHead headData = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_CargoInfoController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_CargoInfoController.cs index 79c13e52..3f940d6b 100644 
--- a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_CargoInfoController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_CargoInfoController.cs @@ -35,7 +35,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList =MsWl_LKPCDAL. GetCargoInfoList(condition, sort); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_LineController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_LineController.cs index 57656e67..3fe3ce7d 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_LineController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_LineController.cs @@ -38,7 +38,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = GetDataList(condition,sort); @@ -49,7 +49,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetDataList(string strCondition,string sort) { var strSql = new StringBuilder(); @@ -200,7 +200,7 @@ namespace DSWeb.Areas.TruckMng.Controllers #region 线路内节点明细 - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetLineDetailList ( int start, int limit, string sort, string LINE_GID ) { var condition = " LINE_GID='" + LINE_GID + "' "; @@ -212,7 +212,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 private static List GetLineDetailList ( string strCondition, string sort ) { var strSql = new StringBuilder(); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_RPTController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_RPTController.cs index de3f6d96..c8d2aad0 100644 
--- a/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_RPTController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_LK_RPTController.cs @@ -35,7 +35,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetPCDetailList ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoRPTList(condition); @@ -43,7 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCargoDoList ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoDoRPTList(condition); @@ -51,7 +51,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCargoDoRPT_EXPDATE ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoDoRPT_EXPDATE(condition); @@ -59,6 +59,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCargoDoRPT_POINT ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoDoRPT_POINT(condition); 
@@ -66,6 +67,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCargoDoRPT_TRUCKNO ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoDoRPT_TRUCKNO(condition); @@ -73,6 +75,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = list.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCargoDoRPT_DRVNAME ( int start, int limit, string sort, string condition ) { List list = MsWl_LKPCDAL.GetCargoDoRPT_DRVNAME(condition); diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_PortController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_PortController.cs index ae65e450..8f85ac0c 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_PortController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_PortController.cs @@ -61,6 +61,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } #region 码头业务主表 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = MsWl_PortDAL.GetDataList(condition,sort); @@ -70,6 +71,8 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWl_Portmb head = null; 
@@ -104,6 +107,8 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCtnData(string handle, string condition) { PortCtnmb head = null; @@ -137,6 +142,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetOtherData(string handle, string condition) { PortOthermb head = null; @@ -170,6 +176,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetROData(string handle, string condition) { PortROmb head = null; @@ -203,6 +210,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetMovCtnData(string handle, string condition) { PortMovCtnmb head = null; @@ -236,6 +244,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetGJData(string handle, string condition) { PortGJmb head = null; 
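Review bot: In MsWl_PortController the attribute is added to `GetCtnData`, `GetOtherData`, `GetROData`, `GetMovCtnData` and `GetGJData`, but the list actions whose tails appear as context just above each of them (`totalCount = dataList.Count`) get no hunk of their own, so this commit leaves them unannotated. Their signatures are outside the hunks; if they accept `condition` like the other list actions in this commit, they need the same `[SqlKeyWordsFilter(Type = "Action")]` line. Opting in per action is easy to miss when new actions are added, so if the filter supports it I would apply it once on the controller class or register it globally.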
diff --git a/DSWeb/Areas/TruckMng/Controllers/MsWl_Port_FuelTruckListController.cs b/DSWeb/Areas/TruckMng/Controllers/MsWl_Port_FuelTruckListController.cs index 7e46051e..bf97127c 100644 --- a/DSWeb/Areas/TruckMng/Controllers/MsWl_Port_FuelTruckListController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/MsWl_Port_FuelTruckListController.cs @@ -43,6 +43,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } #region 集合列表—码头加油记录 + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetFuelTruckList(int start, int limit, string sort, string condition) { var dataList = MsWl_PortDAL.GetFuelTruckList(condition, sort); @@ -52,6 +53,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetFuelTruck(string handle, string condition) { FuelTruckListmb head = null; @@ -64,7 +66,7 @@ namespace DSWeb.Areas.TruckMng.Controllers new { Success = true, Message = "查询成功", data = head }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetFuelDate(int start, int limit, string sort, string condition) { var dataList = MsWl_PortDAL.GetFuelDate(condition, sort); @@ -74,7 +76,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetFuelPrice(int start, int limit, string sort, string condition, string condition2) { var dataList = MsWl_PortDAL.GetFuelPrice(condition, condition2, sort, Session["COMPANYID"].ToString(), Session["USERID"].ToString()); 
diff --git a/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_LTJYController.cs b/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_LTJYController.cs index 2ead6c56..f5d755ec 100644 --- a/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_LTJYController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_LTJYController.cs @@ -54,7 +54,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return View(); } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList ( int start, int limit, string sort, string condition ) { var dataList = MsRptPcHeadEditDAL.GetLTJYList(condition, CookieConfig.GetCookie_UserId(Request), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_UserName(Request), CookieConfig.GetCookie_CompanyId(Request), sort); @@ -64,7 +64,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataFenList(int start, int limit, string sort, string condition) { var dataList = MsRptPcHeadEditDAL.GetLTJYFenList(condition, sort); @@ -74,7 +74,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlPcHead_LTJYEdit head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_WFSDController.cs b/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_WFSDController.cs index acf0ca75..7dd7c214 100644 --- a/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_WFSDController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/PcHeadEdit_WFSDController.cs 
@@ -86,6 +86,7 @@ namespace DSWeb.Areas.TruckMng.Controllers { return View(); } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList ( int start, int limit, string sort, string condition ) { var dataList = MsRptPcHeadEditDAL.GetWFSDList(condition, CookieConfig.GetCookie_UserId(Request), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_UserName(Request), CookieConfig.GetCookie_CompanyId(Request), sort); @@ -95,6 +96,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataFenList(int start, int limit, string sort, string condition) { var dataList = MsRptPcHeadEditDAL.GetWFSDFenList(condition, sort); @@ -104,7 +106,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { MsWlPcHead_WFSDEdit head = null; @@ -163,7 +165,7 @@ namespace DSWeb.Areas.TruckMng.Controllers return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetQDLHDataList(int start, int limit, string sort, string condition) { var dataList = MsRptPcHeadEditDAL.GetQDLHList(condition, CookieConfig.GetCookie_UserId(Request), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_UserName(Request), CookieConfig.GetCookie_CompanyId(Request), sort); 
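Review bot: Protection in this controller is opt-in per action, since the attribute is repeated on `GetDataList`, `GetDataFenList`, `GetData` and `GetQDLHDataList` here and on `GetQDLHData` and `RptTruckListData` in the following hunks. The next action that accepts a `condition` string is therefore unfiltered unless someone remembers the annotation. If `SqlKeyWordsFilter` can target a class (its declaration is not shown), a single `[SqlKeyWordsFilter(Type = "Action")]` on the controller, or a global filter registration, would make coverage the default. The string-typed `Type = "Action"` would also be safer as an enum or a shared constant, so that a typo fails at compile time.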
@@ -173,6 +175,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetQDLHData(string handle, string condition) { MsWlPcHead_QDLHEdit head = null; @@ -592,7 +595,7 @@ namespace DSWeb.Areas.TruckMng.Controllers } } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult RptTruckListData(int start, int limit, string condition, string sort, string printstr, string sortstr) { diff --git a/DSWeb/Areas/TruckMng/Controllers/RPT_lyController.cs b/DSWeb/Areas/TruckMng/Controllers/RPT_lyController.cs index ac0a6ad7..74417f3b 100644 --- a/DSWeb/Areas/TruckMng/Controllers/RPT_lyController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/RPT_lyController.cs @@ -28,7 +28,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/RPT_ly/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = RPT_lyDAL.GetDataList(condition); @@ -55,7 +55,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlCheckAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { RPT_lymb head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/RPT_zb_lrbbController.cs b/DSWeb/Areas/TruckMng/Controllers/RPT_zb_lrbbController.cs index b0b36815..9c538fb8 100644 --- a/DSWeb/Areas/TruckMng/Controllers/RPT_zb_lrbbController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/RPT_zb_lrbbController.cs 
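Review bot: The route comment directly above the newly annotated `GetData` in RPT_lyController reads `// GET:/TruckMng/MsWlCheckAcc/GetData/`, which names a different controller; it should presumably be `// GET:/TruckMng/RPT_ly/GetData/`. Since the filter is applied action by action, these comments are what an auditor reads to see which endpoints are covered, so stale ones are misleading. The same copy-paste leftovers sit above the annotated actions in RPT_zb_lrbbController (`RPT_ly/GetDataList`, `MsWlCheckAcc/GetData/`) and TMSRPTController (`MsWlTruck/GetDataList`, `MsWlTruck/GetData/`). No `[HttpGet]` is visible on these actions, so the `GET:` label may also understate the verbs they accept, and it is worth confirming that the filter inspects form-body values as well as the query string.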
@@ -29,7 +29,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/RPT_ly/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetDataList(int start, int limit, string sort, string condition) { var dataList = RPT_zb_lrbbDAL.GetDataList(condition); @@ -41,7 +41,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlCheckAcc/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetData(string handle, string condition) { RPT_zb_lrbbmb head = null; diff --git a/DSWeb/Areas/TruckMng/Controllers/TMSRPTController.cs b/DSWeb/Areas/TruckMng/Controllers/TMSRPTController.cs index 0dbd7256..479ede5f 100644 --- a/DSWeb/Areas/TruckMng/Controllers/TMSRPTController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/TMSRPTController.cs @@ -47,7 +47,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult MONTH_GetDataList(int start, int limit, string sort, string condition) { var dataList = TMSRPTDAL.GetDataList(condition, Convert.ToString(Session["USERID"]), CookieConfig.GetCookie_UserCode(Request), CookieConfig.GetCookie_OrgCode(Request), sort); @@ -60,7 +60,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/MsWlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult MONTH_GetData ( string handle, string condition ) { TMSRPT_MONTH head = null; @@ -143,7 +143,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var jsonRespose = new JsonResponse { Success = result.Success, Message = result.Message }; return new ContentResult() { Content = JsonConvert.Serialize(jsonRespose) }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetBodyList(int start, int limit, string condition) { var dataList = TMSRPTDAL.GetBodyList(condition); 
@@ -151,7 +151,7 @@ namespace DSWeb.Areas.TruckMng.Controllers var json = JsonConvert.Serialize(new { Success = true, Message = "查询成功", totalCount = dataList.Count, data = list.ToList() }); return new ContentResult() { Content = json }; } - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public ContentResult GetCompanyDetailList ( int start, int limit, string condition ) { var dataList = TMSRPTDAL.GetCompanyDetailList(condition); diff --git a/DSWeb/Areas/TruckMng/Controllers/WlTruckController.cs b/DSWeb/Areas/TruckMng/Controllers/WlTruckController.cs index 8bc94029..ae9b1d72 100644 --- a/DSWeb/Areas/TruckMng/Controllers/WlTruckController.cs +++ b/DSWeb/Areas/TruckMng/Controllers/WlTruckController.cs @@ -28,7 +28,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlTruck/GetDataList - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetDataList(int start, int limit, string sort, string condition) { var ordYhList = WlTruckDAL.GetDataList(condition); @@ -40,7 +40,7 @@ namespace DSWeb.Areas.TruckMng.Controllers // // GET:/TruckMng/WlTruck/GetData/ - + [SqlKeyWordsFilter(Type = "Action")]//sql 防注入过滤器 public JsonResult GetData(string handle, string condition) { WlTruck wlTruck = null; diff --git a/JobAutoCreateFee/JobD7DjyFee.cs b/JobAutoCreateFee/JobD7DjyFee.cs index 351a19a8..2cf0f154 100644 --- a/JobAutoCreateFee/JobD7DjyFee.cs +++ b/JobAutoCreateFee/JobD7DjyFee.cs @@ -242,7 +242,7 @@ namespace JobCreateFee OPSEAE.BSNO = row["BSNO"].ToString(); OPSEAE.FEESTATUS = Convert.ToBoolean(row["FEESTATUS"].ToString()); OPSEAE.BSSTATUS = Convert.ToBoolean(row["BSSTATUS"].ToString()); - OPSEAE.ETD = Convert.ToString(row["BSSTATUS"].ToString()); + OPSEAE.ETD = Convert.ToString(row["ETD"].ToString()); }