DS7/DSWeb/Areas/RptMng/Controllers/MsRptDriverCheckController.cs



using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using DSWeb.Areas.CommMng.DAL;
using DSWeb.Areas.RptMng.Comm;
using DSWeb.TruckMng.Helper;
using System.Text;
using Microsoft.Practices.EnterpriseLibrary.Data;
using HcUtility.Comm;
using DSWeb.TruckMng.Comm.Cookie;
using DSWeb.Areas.CommMng.Models;
using DSWeb.EntityDA;
using DSWeb.SoftMng.Filter;
namespace DSWeb.Areas.RptMng.Controllers
{
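[JsonRequestBehavior]
public class MsRptDriverCheckController : Controller
{
    /// <summary>
    /// GET: /RptMng/MsRptDriverCheck - renders the report page.
    /// </summary>
    public ActionResult Index()
    {
        return View();
    }

    /// <summary>
    /// GET: /RptMng/MsRptDriverCheck/QryData - queries TMSWLDRIVER
    /// (DRVCODE, ORGCODE, YEARCHECKDATE, JZNO) and returns the result as JSON.
    /// </summary>
    /// <param name="start">Passed through to RptHelper.GetRptJsonResult (presumably the paging offset).</param>
    /// <param name="limit">Passed through to RptHelper.GetRptJsonResult (presumably the page size).</param>
    /// <param name="condition">
    /// SQL WHERE fragment supplied by the caller and appended to the statement verbatim.
    /// </param>
    /// <param name="sort">Sort specification, converted by DatasetSort.Getsortstring.</param>
    /// <returns>A ContentResult whose Content is the JSON produced by RptHelper.GetRptJsonResult.</returns>
    /// <remarks>
    /// SECURITY: <paramref name="condition"/> is raw SQL text from the request, and the finished
    /// statement is handed as a string to the "sMsExesqlQry" procedure, which presumably executes it.
    /// The only visible guard is the SqlKeyWordsFilter attribute; a keyword deny-list is not a
    /// reliable substitute for bound parameters. The filter should be replaced by structured
    /// criteria (column / operator / value) that are validated against an allow-list and bound as
    /// parameters. The database account behind sMsExesqlQry should also be confirmed to be
    /// least-privileged.
    /// </remarks>
    [SqlKeyWordsFilter(Type = "Action")] // SQL-injection keyword filter (deny-list; see remarks)
    public ContentResult QryData(int start, int limit, string condition, string sort)
    {
        // Row-level restriction for the current user. With no session, Convert.ToString(null)
        // yields "", no authority row matches and GetRangDAStr returns "1=2" (no rows).
        // NOTE(review): user code and org code are read from cookies here; whether CookieConfig
        // integrity-protects them is not visible in this file. The org code decides which rows
        // the user may see, so it should come from server-side state. Confirm.
        var rangeFilter = GetRangDAStr(
            "index",
            Convert.ToString(Session["USERID"]),
            CookieConfig.GetCookie_UserCode(Request),
            CookieConfig.GetCookie_OrgCode(Request));

        if (!string.IsNullOrEmpty(rangeFilter))
        {
            // Parenthesise both sides: an OR inside the caller-supplied filter would otherwise
            // bind looser than the appended AND and widen the result beyond the user's range.
            // This is defence in depth only; the filter is still raw SQL (see remarks).
            condition = string.IsNullOrEmpty(condition)
                ? rangeFilter
                : "(" + condition + ") and (" + rangeFilter + ")";
        }

        var strSql = new StringBuilder();
        strSql.Append("SELECT ");
        strSql.Append("DRVCODE, ORGCODE, YEARCHECKDATE, JZNO ");
        strSql.Append(" FROM TMSWLDRIVER ");
        if (!string.IsNullOrEmpty(condition))
        {
            strSql.Append(" where " + condition);
        }

        // NOTE(review): the ORDER BY text is only as safe as DatasetSort.Getsortstring makes it;
        // verify that it restricts the result to known column names and ASC/DESC.
        var sortstring = DatasetSort.Getsortstring(sort);
        if (!string.IsNullOrEmpty(sortstring))
        {
            strSql.Append(" order by " + sortstring);
        }

        // The whole statement travels as the single @sSQL argument of the generic procedure.
        // An earlier, now removed, implementation called the dedicated procedure
        // "sMsRptDriverCheck" with typed inputs (@PS_DRVCODE, @PS_ORGCODE, @PS_YEARMONTH,
        // @Ps_PaiXu) extracted from a JSON condition. That shape keeps request data out of the
        // SQL text and is the preferable design to return to.
        var dbparams = new List<CustomDbParamter>
        {
            new CustomDbParamter
            {
                ParameterName = "@sSQL",
                DbType = DbType.String,
                Direction = ParameterDirection.Input,
                Value = strSql.ToString()
            }
        };

        var dbRptResult = PubSysDAL.GetMsSqlPrcDataSet("sMsExesqlQry", dbparams, "Result_Set");
        var json = RptHelper.GetRptJsonResult(start, limit, dbRptResult, "Result_Set", true);
        return new ContentResult() { Content = json };
    }

    /// <summary>
    /// Builds the SQL WHERE fragment that limits rows to what the user may see, based on the
    /// VISIBLERANGE value stored for module 'modTruckCar' in VW_User_Authority.
    /// </summary>
    /// <param name="tb">Not used by this implementation.</param>
    /// <param name="userid">User id used to look up the authority row.</param>
    /// <param name="usercode">Not used by this implementation.</param>
    /// <param name="orgcode">Organisation code embedded in the returned fragment.</param>
    /// <returns>
    /// "1=2" when VISIBLERANGE is "4" or no authority row exists (deny all);
    /// " ORGCODE='...'" when it is "1", "2" or "3"; an empty string (no restriction) otherwise.
    /// </returns>
    public static string GetRangDAStr(string tb, string userid, string usercode, string orgcode)
    {
        // The user id is bound as a parameter instead of being concatenated into the statement.
        const string authoritySql =
            "SELECT  VISIBLERANGE,OPERATERANGE  from VW_User_Authority " +
            " where [NAME]='modTruckCar' and USERID=@USERID and ISDELETE=0";

        // Fail closed: "4" (deny all) stays in effect when no authority row is found.
        string visiblerange = "4";

        Database db = DatabaseFactory.CreateDatabase();
        using (var cmd = db.GetSqlStringCommand(authoritySql))
        {
            db.AddInParameter(cmd, "@USERID", DbType.String, userid ?? string.Empty);
            using (IDataReader reader = db.ExecuteReader(cmd))
            {
                // Only the first matching row is considered.
                if (reader.Read())
                {
                    visiblerange = Convert.ToString(reader["VISIBLERANGE"]);
                }
            }
        }

        switch (visiblerange)
        {
            case "4":
                return "1=2";

            // NOTE(review): ranges "1", "2" and "3" all yield the same organisation filter, and
            // usercode is never used. Confirm that no narrower scope was intended for any of them.
            case "1":
            case "2":
            case "3":
                // The return value is a SQL text fragment, so the value cannot be bound here.
                // Doubling single quotes keeps it inside the string literal.
                return " ORGCODE='" + (orgcode ?? string.Empty).Replace("'", "''") + "'";

            default:
                // Any other value (presumably an "all data" range) adds no restriction.
                return "";
        }
    }

    #region Reference section
    #endregion
}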
}