using System;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI.WebControls;
using System.Configuration;
using System.Text;
namespace SJW.Common
{
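/// <summary>
/// Summary description for Comm: shared static helpers for SQL Server data access,
/// DropDownList binding, client-side redirects, session/cookie checks and text formatting.
/// </summary>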
public class Comm
{
/// <summary>
/// Database connection string, read from the "DB_SJW_ConnStr" entry of the
/// connectionStrings configuration section when the class is first used.
/// </summary>
// NOTE(review): this field and the settings below are public, mutable statics, so any
// code in the application can overwrite them at run time; confirm nothing relies on that.
public static string STR_CONN = ConfigurationManager.ConnectionStrings["DB_SJW_ConnStr"].ConnectionString.ToString();
// Upload settings, each read from the appSettings key of the same name.
// NOTE(review): their exact meaning (directory, byte limit, ...) is not visible here; confirm against web.config.
public static string UpLoadPath = System.Configuration.ConfigurationManager.AppSettings["UpLoadPath"];
// Convert.ToInt64 returns 0 when the key is missing, so an absent setting yields a limit of 0.
public static long UpLoadMaxSize = Convert.ToInt64(System.Configuration.ConfigurationManager.AppSettings["UpLoadMaxSize"]);
public static string UpLoadPathUser = System.Configuration.ConfigurationManager.AppSettings["UpLoadPathUser"];
public static string UpLoadAD = System.Configuration.ConfigurationManager.AppSettings["UpLoadAD"];
// Comma-separated list of accepted upload types; IsValidFileType compares against it.
public static string UpLoadFileType = System.Configuration.ConfigurationManager.AppSettings["UpLoadFileType"];
/// <summary>
/// Command timeout applied to every SqlCommand issued by this class (assigned to CommandTimeout).
/// </summary>
public static int timeOut = 600;
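/// <summary>
/// Runs a stored procedure and returns its result sets as a DataSet.
/// </summary>
/// <param name="Proc_Name">Name of the stored procedure.</param>
/// <param name="sp">Parameters passed to the procedure.</param>
/// <returns>The filled DataSet, or null if anything fails.</returns>
public static DataSet Execute_Proc_Re_Ds(string Proc_Name,SqlParameter[] sp)
{
    try
    {
        // using blocks release the connection, command and adapter on the failure
        // path as well; previously an exception left all three undisposed.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        using (SqlCommand cmd = new SqlCommand(Proc_Name, conn))
        using (SqlDataAdapter ad = new SqlDataAdapter(cmd))
        {
            cmd.CommandTimeout = timeOut;
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddRange(sp);
            DataSet ds = new DataSet();
            ad.Fill(ds);
            return ds;
        }
    }
    catch (Exception)
    {
        // The failure is reported only as null; nothing is logged here, so callers
        // cannot tell a connection problem from a bad procedure name.
        return null;
    }
}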
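/// <summary>
/// Runs a stored procedure that returns no rows and reports whether it completed.
/// </summary>
/// <param name="Proc_Name">Name of the stored procedure.</param>
/// <param name="sp">Parameters passed to the procedure.</param>
/// <returns>true if the call completed without an exception; otherwise false.</returns>
public static bool Execute_Proc_Re_Bool(string Proc_Name,SqlParameter[] sp)
{
    try
    {
        // using blocks close and dispose the connection and command even when
        // Open or ExecuteNonQuery throws; previously they leaked on failure.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        using (SqlCommand cmd = new SqlCommand(Proc_Name, conn))
        {
            cmd.CommandTimeout = timeOut;
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddRange(sp);
            conn.Open();
            cmd.ExecuteNonQuery();
            return true;
        }
    }
    catch (Exception)
    {
        // Any failure collapses to false; the exception detail is not recorded.
        return false;
    }
}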
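/// <summary>
/// Executes a caller-built SqlCommand that returns no rows.
/// </summary>
/// <param name="cmd">Command to execute; its Connection and CommandTimeout are overwritten here.</param>
/// <returns>true if the command completed without an exception; otherwise false.</returns>
public static bool Execute_SqlCommand_Re_Bool(SqlCommand cmd)
{
    try
    {
        // The connection is now released on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        {
            cmd.CommandTimeout = timeOut;
            cmd.Connection = conn;
            conn.Open();
            cmd.ExecuteNonQuery();
        }
        // As before, the caller's command is disposed only after a successful run.
        cmd.Dispose();
        return true;
    }
    catch
    {
        // Any failure (including a null cmd) collapses to false.
        return false;
    }
}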
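/// <summary>
/// Executes a SQL string and returns the result sets as a DataSet.
/// </summary>
/// <param name="sql">SQL text, executed exactly as given.</param>
/// <returns>The filled DataSet, or null if anything fails.</returns>
public static DataSet Execute_strSql_Re_Ds(string sql)
{
    // NOTE(review): the SQL text cannot carry parameters through this overload. Callers that
    // build it from request data should use Execute_Sql_Re_Ds(SqlCommand) with SqlParameter values.
    try
    {
        // using blocks dispose the connection and adapter on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        using (SqlDataAdapter ad = new SqlDataAdapter(sql, conn))
        {
            ad.SelectCommand.CommandTimeout = timeOut;
            DataSet ds = new DataSet();
            ad.Fill(ds);
            return ds;
        }
    }
    catch
    {
        return null;
    }
}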
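/// <summary>
/// Executes a SQL string, then returns the current maximum F_ID of the given table.
/// </summary>
/// <param name="sql">SQL text executed first; its results are discarded.</param>
/// <param name="TableName">Table whose Max(F_ID) is read afterwards.</param>
/// <returns>Max(F_ID) as a string, or "-1" if anything fails.</returns>
public static string Execute_strSql_Re_int(string sql,string TableName)
{
    // NOTE(review): TableName is concatenated into the second statement and cannot be
    // parameterized, so it must be a fixed identifier chosen by the caller, never request data.
    // NOTE(review): the two statements are separate commands with no transaction, so another
    // insert between them can make Max(F_ID) belong to a different row.
    try
    {
        // using blocks dispose the connection and both adapters on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        {
            using (SqlDataAdapter ad = new SqlDataAdapter(sql, conn))
            {
                ad.SelectCommand.CommandTimeout = timeOut;
                ad.Fill(new DataSet());
            }

            string sqlstr = "select Max(F_ID) from " + TableName;
            using (SqlDataAdapter aad = new SqlDataAdapter(sqlstr, conn))
            {
                aad.SelectCommand.CommandTimeout = timeOut;
                DataSet dds = new DataSet();
                aad.Fill(dds);
                return dds.Tables[0].Rows[0][0].ToString();
            }
        }
    }
    catch
    {
        return "-1";
    }
}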
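/// <summary>
/// Executes a SQL string and returns the first result set as a DataTable.
/// </summary>
/// <param name="sql">SQL text, executed exactly as given.</param>
/// <returns>The filled DataTable, or null if anything fails.</returns>
public static DataTable Execute_strSql_Re_Dt(string sql)
{
    // NOTE(review): no parameters can be passed through this overload; SQL assembled from
    // request data belongs in a SqlCommand with SqlParameter values instead.
    try
    {
        // using blocks dispose the connection and adapter on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        using (SqlDataAdapter ad = new SqlDataAdapter(sql, conn))
        {
            ad.SelectCommand.CommandTimeout = timeOut;
            DataTable dt = new DataTable();
            ad.Fill(dt);
            return dt;
        }
    }
    catch
    {
        return null;
    }
}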
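/// <summary>
/// Executes a SQL statement that returns no rows and reports whether it completed.
/// </summary>
/// <param name="sql">SQL text, executed exactly as given.</param>
/// <returns>true if the statement completed without an exception; otherwise false.</returns>
public static bool Execute_strSql_Re_Bool(string sql)
{
    // NOTE(review): no parameters can be passed through this overload; for statements built
    // from request data use Execute_SqlCommand_Re_Bool with SqlParameter values.
    try
    {
        // using blocks close and dispose the connection and command on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
            cmd.CommandTimeout = timeOut;
            conn.Open();
            cmd.ExecuteNonQuery();
            return true;
        }
    }
    catch
    {
        return false;
    }
}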
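/// <summary>
/// Executes a caller-built SqlCommand and returns its result sets as a DataSet.
/// </summary>
/// <param name="cmd">Command to execute; its Connection and CommandTimeout are overwritten here.</param>
/// <returns>
/// The filled DataSet, or null when an error occurs, when the first table has no rows,
/// or when the first column of its first row converts to an empty string.
/// </returns>
public static DataSet Execute_Sql_Re_Ds(SqlCommand cmd)
{
    try
    {
        DataSet ds = new DataSet();
        // using blocks dispose the connection and adapter on the failure path too.
        using (SqlConnection conn = new SqlConnection(Comm.STR_CONN))
        {
            cmd.Connection = conn;
            using (SqlDataAdapter ad = new SqlDataAdapter(cmd))
            {
                ad.SelectCommand.CommandTimeout = timeOut;
                ad.Fill(ds);
            }
        }

        // An empty first cell is treated as "no data". A missing table or row throws
        // and lands in the catch below, which also yields null.
        if (ds.Tables[0].Rows[0][0].ToString() != "")
        {
            return ds;
        }
        return null;
    }
    catch
    {
        return null;
    }
}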
/// <summary>
/// Binds a DropDownList to a DataTable and puts an empty item at the top.
/// </summary>
/// <param name="ddl">List control to bind.</param>
/// <param name="dt">DataTable used as the data source.</param>
/// <param name="str_Text">Column shown as the item text.</param>
/// <param name="str_Value">Column used as the item value.</param>
public static void DropDownListBind(ref System.Web.UI.WebControls.DropDownList ddl,DataTable dt,string str_Text,string str_Value)
{
    // Same steps as the five-argument overload with the blank row switched on.
    DropDownListBind(ref ddl, dt, str_Text, str_Value, true);
}
/// <summary>
/// Binds a DropDownList to a DataTable, optionally putting an empty item at the top.
/// </summary>
/// <param name="ddl">List control to bind.</param>
/// <param name="dt">DataTable used as the data source.</param>
/// <param name="str_Text">Column shown as the item text.</param>
/// <param name="str_Value">Column used as the item value.</param>
/// <param name="blank_yn">true to insert an empty item at index 0 after binding.</param>
public static void DropDownListBind(ref System.Web.UI.WebControls.DropDownList ddl,DataTable dt,string str_Text,string str_Value,bool blank_yn)
{
    ddl.DataSource = dt;
    ddl.DataTextField = str_Text;
    ddl.DataValueField = str_Value;
    ddl.DataBind();

    if (!blank_yn)
    {
        return;
    }

    System.Web.UI.WebControls.ListItem blankRow = new System.Web.UI.WebControls.ListItem("", "");
    ddl.Items.Insert(0, blankRow);
}
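/// <summary>
/// Executes a SQL string and returns the first column of the first row.
/// </summary>
/// <param name="str_sql">SQL text, executed exactly as given.</param>
/// <returns>The scalar result, or null when the query fails or yields no rows.</returns>
public static object Execute_Sql_Re_Obj(string str_sql)
{
    // NOTE(review): no parameters can be passed through this overload; SQL assembled from
    // request data belongs in a SqlCommand with SqlParameter values instead.
    SqlConnection conn = new SqlConnection(STR_CONN);
    try
    {
        // The command was never disposed before; the using block covers it.
        using (SqlCommand cmd = new SqlCommand(str_sql, conn))
        {
            cmd.CommandTimeout = timeOut;
            conn.Open();
            return cmd.ExecuteScalar();
        }
    }
    catch
    {
        return null;
    }
    finally
    {
        // Dispose closes the connection on both the success and the failure path.
        conn.Dispose();
    }
}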
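/// <summary>
/// Runs a stored procedure and returns the first column of the first row.
/// </summary>
/// <param name="str_sql">Name of the stored procedure (the command type is StoredProcedure).</param>
/// <param name="sp">Parameters passed to the procedure.</param>
/// <returns>The scalar result, or null when the call fails or yields no rows.</returns>
public static object Execute_Proc_Re_Obj(string str_sql,SqlParameter[] sp)
{
    SqlConnection conn = new SqlConnection(STR_CONN);
    try
    {
        // The command was never disposed before; the using block covers it.
        using (SqlCommand cmd = new SqlCommand(str_sql, conn))
        {
            cmd.CommandTimeout = timeOut;
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddRange(sp);
            conn.Open();
            return cmd.ExecuteScalar();
        }
    }
    catch (Exception)
    {
        // The failure is reported only as null; the exception detail is not recorded.
        return null;
    }
    finally
    {
        // Dispose closes the connection on both the success and the failure path.
        conn.Dispose();
    }
}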
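/// <summary>
/// Replaces single quotes and angle brackets with HTML character references.
/// </summary>
/// <param name="str">Text to convert.</param>
/// <returns>The converted text; null or empty input is returned unchanged.</returns>
public static string Trans_String(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return str;
    }

    // NOTE(review): as listed, each Replace mapped a character to itself, so the method
    // returned its input unchanged. The targets below are reconstructed as the standard
    // character references; confirm against the original file.
    // This is output encoding for HTML text only: '&' and '"' are left alone, and it is
    // not SQL escaping, so values headed for a query still need SqlParameter.
    str = str.Replace("'", "&#39;");
    str = str.Replace("<", "&lt;");
    str = str.Replace(">", "&gt;");
    return str;
}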
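/// <summary>
/// Executes several SQL statements inside one transaction.
/// </summary>
/// <param name="sql">Statements to run in order; null and blank entries are skipped.</param>
/// <returns>true if every statement ran and the commit succeeded; otherwise false.</returns>
public static bool Trancastion_Sql(string[] sql)
{
    // NOTE(review): each statement is executed exactly as given, with no parameters;
    // statements assembled from request data should not be routed through this helper.
    using (SqlConnection conn = new SqlConnection(STR_CONN))
    using (SqlCommand cmd = new SqlCommand())
    {
        cmd.CommandTimeout = timeOut;
        cmd.Connection = conn;

        SqlTransaction tran = null;
        try
        {
            conn.Open();
            tran = conn.BeginTransaction();
            cmd.Transaction = tran;
        }
        catch
        {
            return false;
        }

        try
        {
            foreach (string str in sql)
            {
                if (str != null && str.Trim() != "")
                {
                    cmd.CommandText = str;
                    cmd.ExecuteNonQuery();
                }
            }
            tran.Commit();
            return true;
        }
        catch
        {
            try
            {
                tran.Rollback();
            }
            catch
            {
                // Rollback itself can throw when the connection is broken or the
                // transaction has already ended. Disposing the connection discards the
                // transaction, and the caller still gets false instead of an exception.
            }
            return false;
        }
    }
}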
/// <summary>
/// Selects the items of a DropDownList whose value equals the given value and
/// deselects all others.
/// </summary>
/// <param name="DropDownList1">List control to update.</param>
/// <param name="selectedValue">Value to select; it is trimmed before comparison.</param>
public static void SetSelected(System.Web.UI.WebControls.DropDownList DropDownList1,string selectedValue)
{
    foreach (ListItem entry in DropDownList1.Items)
    {
        entry.Selected = false;
        bool isWanted = entry.Value == selectedValue.Trim();
        if (isWanted)
        {
            entry.Selected = true;
        }
    }
}
/// <summary>
/// Binds a DropDownList to a DataSet, optionally adding the default prompt item on top.
/// </summary>
/// <param name="objDs">DataSet used as the data source.</param>
/// <param name="DropDownList1">List control to bind.</param>
/// <param name="DataTextField">Column shown as the item text.</param>
/// <param name="DataValueField">Column used as the item value.</param>
/// <param name="isInsertItem">true to insert the prompt item (value "-1") at index 0.</param>
public static void DataBind(DataSet objDs,System.Web.UI.WebControls.DropDownList DropDownList1,string DataTextField,string DataValueField,bool isInsertItem)
{
    // Same steps as the six-argument overload, with the fixed prompt text.
    DataBind(objDs, DropDownList1, DataTextField, DataValueField, isInsertItem, "----- 请选择 -----");
}
/// <summary>
/// Binds a DropDownList to a DataSet, optionally adding a prompt item with custom text on top.
/// </summary>
/// <param name="objDs">DataSet used as the data source.</param>
/// <param name="DropDownList1">List control to bind.</param>
/// <param name="DataTextField">Column shown as the item text.</param>
/// <param name="DataValueField">Column used as the item value.</param>
/// <param name="isInsertItem">true to insert the prompt item (value "-1") at index 0.</param>
/// <param name="insertItemText">Text of the prompt item.</param>
public static void DataBind(DataSet objDs,System.Web.UI.WebControls.DropDownList DropDownList1,string DataTextField,string DataValueField,bool isInsertItem,string insertItemText)
{
    DropDownList1.DataSource = objDs;
    DropDownList1.DataTextField = DataTextField;
    DropDownList1.DataValueField = DataValueField;
    DropDownList1.DataBind();

    if (!isInsertItem)
    {
        return;
    }

    DropDownList1.Items.Insert(0, new ListItem(insertItemText, "-1"));
}
/// <summary>
/// Binds a DropDownList to a DataTable, optionally adding the default prompt item on top.
/// </summary>
/// <param name="objDt">DataTable used as the data source.</param>
/// <param name="DropDownList1">List control to bind.</param>
/// <param name="DataTextField">Column shown as the item text.</param>
/// <param name="DataValueField">Column used as the item value.</param>
/// <param name="isInsertItem">true to insert the prompt item (value "-1") at index 0.</param>
public static void DataBind(DataTable objDt,System.Web.UI.WebControls.DropDownList DropDownList1,string DataTextField,string DataValueField,bool isInsertItem)
{
    DropDownList1.DataSource = objDt;
    DropDownList1.DataTextField = DataTextField;
    DropDownList1.DataValueField = DataValueField;
    DropDownList1.DataBind();

    if (!isInsertItem)
    {
        return;
    }

    DropDownList1.Items.Insert(0, new ListItem("----- 请选择 -----", "-1"));
}
/// <summary>
/// Appends the items 1..Num to a DropDownList, using the number as both text and value.
/// </summary>
/// <param name="DropDownList1">List control to extend; existing items are kept.</param>
/// <param name="Num">Highest number to add; nothing is added when it is below 1.</param>
public static void DataBind(System.Web.UI.WebControls.DropDownList DropDownList1,Int32 Num)
{
    int current = 1;
    while (current <= Num)
    {
        string label = current.ToString();
        DropDownList1.Items.Add(new ListItem(label, label));
        current++;
    }
}
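/// <summary>
/// Checks an upload file type against the comma-separated allow-list in UpLoadFileType.
/// </summary>
/// <param name="fileType">File type to check; it is upper-cased before comparison.</param>
/// <returns>true if the upper-cased type equals one of the configured entries.</returns>
public static bool IsValidFileType(string fileType)
{
    string accFileType = Comm.UpLoadFileType;

    // Fail closed: a missing setting or a missing/empty type is never accepted. An
    // empty type would otherwise match an empty entry such as a trailing comma.
    if (accFileType == null || string.IsNullOrEmpty(fileType))
    {
        return false;
    }

    // ToUpperInvariant keeps the result independent of the thread culture. Under a
    // Turkish culture ToUpper() maps "i" to a dotted capital that matches no entry.
    string wanted = fileType.ToUpperInvariant();

    // Entries are compared exactly, so the configured list must be upper-case with
    // no spaces. This checks only the declared type, not the file content.
    foreach (string allowed in accFileType.Split(','))
    {
        if (allowed == wanted)
        {
            return true;
        }
    }
    return false;
}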
/// <summary>
/// Writes a script that shows an alert and then navigates the parent window, and ends the response.
/// </summary>
/// <param name="strMsg">Text placed inside the alert('...') string literal.</param>
/// <param name="goUrl">URL assigned to parent.location.href.</param>
public static void NewLocation(string strMsg,string goUrl)
{
    // NOTE(review): both arguments are inserted into single-quoted script literals without
    // any encoding, so they must be fixed strings or be script-encoded by the caller before
    // they get here; request data passed straight through would end up as script.
    StringBuilder script = new StringBuilder("<Script>");
    script.Append("alert('").Append(strMsg).Append("');");
    script.Append("parent.location.href='").Append(goUrl).Append("';");
    script.Append("</Script>");

    System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;
    response.Write(script.ToString());
    response.End();
}
/// <summary>
/// Writes a script that shows an alert and optionally goes back one history entry, and ends the response.
/// </summary>
/// <param name="strMsg">Text placed inside the alert('...') string literal.</param>
/// <param name="step">1 to append history.go(-1); any other value only shows the alert.</param>
public static void NewLocation(string strMsg,int step)
{
    // NOTE(review): strMsg is inserted into a single-quoted script literal without any
    // encoding, so it must be a fixed string or be script-encoded by the caller.
    string goBack = (step == 1) ? "history.go(-1);" : "";
    string script = "<Script>" + "alert('" + strMsg + "');" + goBack + "</Script>";

    System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;
    response.Write(script);
    response.End();
}
/// <summary>
/// Writes a script that shows an alert and then navigates the current window, and ends the response.
/// </summary>
/// <param name="strMsg">Text placed inside the alert('...') string literal.</param>
/// <param name="goUrl">URL assigned to location.href.</param>
/// <param name="CurrLevel">Not read; it only selects this overload, which targets the current window.</param>
public static void NewLocation(string strMsg, string goUrl,bool CurrLevel)
{
    // NOTE(review): both arguments are inserted into single-quoted script literals without
    // any encoding, so they must be fixed strings or be script-encoded by the caller.
    StringBuilder script = new StringBuilder("<Script>");
    script.Append("alert('").Append(strMsg).Append("');");
    script.Append("location.href='").Append(goUrl).Append("';");
    script.Append("</Script>");

    System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;
    response.Write(script.ToString());
    response.End();
}
/// <summary>
/// Sends the browser to the matching login page when the session has no user id for the given level.
/// </summary>
/// <param name="level">"Admin" checks Session["Admin_User_ID"]; "User" checks Session["User_ID"]; any other value does nothing.</param>
public static void CheckSession(string level)
{
    string sessionKey;
    string loginUrl;
    switch (level)
    {
        case "Admin":
            sessionKey = "Admin_User_ID";
            loginUrl = "/admin/Login.aspx";
            break;
        case "User":
            sessionKey = "User_ID";
            loginUrl = "/index.aspx";
            break;
        default:
            // Unknown levels are not checked at all, so a misspelled level silently passes.
            return;
    }

    if (System.Web.HttpContext.Current.Session[sessionKey] == null)
    {
        Comm.NewLocation("非法会话", loginUrl);
    }
}
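/// <summary>
/// Converts CR/LF line breaks in a string to HTML line-break tags.
/// </summary>
/// <param name="str">Text to convert.</param>
/// <returns>The converted text, or an empty string for null or empty input.</returns>
public static string ProcString(string str)
{
    // A null argument used to pass the != "" test and then throw on Replace.
    if (string.IsNullOrEmpty(str))
    {
        return "";
    }

    // NOTE(review): the listing showed the pattern as "/r/n", which matches only those four
    // literal characters. It is reconstructed here as the CR/LF escape; confirm against the original file.
    // The rest of the text is returned as-is, so HTML-encode it first when it comes from users.
    return str.Replace("\r\n", "<br>");
}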
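/// <summary>
/// Placeholder overload that was never implemented; calling it always throws.
/// </summary>
/// <param name="p">Unused.</param>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public static void NewLocation(string p)
{
    // NotImplementedException derives from Exception, so existing catch (Exception)
    // handlers still apply; the message text is unchanged.
    throw new NotImplementedException("The method or operation is not implemented.");
}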
/// <summary>
/// Sends the browser to the login page when the cookie for the given user type is missing.
/// </summary>
/// <param name="level">"username" checks the member cookie "username"; any other value checks the "admin" cookie.</param>
public static void CheckCookies(string level)
{
    // NOTE(review): only the presence of the cookie is tested. Cookies are supplied by the
    // client, so this does not establish who the visitor is; an authenticated check needs a
    // server-side session or a signed ticket. A lookup of the cookie value, if added, must
    // pass it as a SqlParameter rather than concatenating it into the query text.
    bool memberCheck = level == "username";
    string cookieName = memberCheck ? "username" : "admin";

    if (System.Web.HttpContext.Current.Request.Cookies[cookieName] != null)
    {
        return;
    }

    // The two prompts differ by one character in the original and are kept as they were.
    string prompt = memberCheck ? "请先登录或注册" : "请先登陆或注册";
    Comm.NewLocation(prompt, "/Login.aspx");
}
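/// <summary>
/// Expires the member cookies ("username", "userid", "userlevel") in the response.
/// </summary>
/// <param name="level">Only "user" has an effect; any other value does nothing.</param>
public static void ClearCookies(string level)
{
    // NOTE(review): CheckCookies uses the level name "username" while this method expects
    // "user", and no branch clears the "admin" cookie; confirm callers pass the right value.
    try
    {
        if (level == "user")
        {
            // Expire in the past rather than at "now": with Expires equal to the server's
            // current time, a browser whose clock runs behind keeps the cookies alive.
            DateTime expired = DateTime.Now.AddDays(-1);
            foreach (string cookieName in new string[] { "username", "userid", "userlevel" })
            {
                System.Web.HttpContext.Current.Response.Cookies[cookieName].Expires = expired;
            }
        }
    }
    catch
    {
        // Deliberately best-effort, as before: a failure to clear cookies is ignored.
    }
}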
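/// <summary>
/// Requires a member cookie, then sends the browser to the company edit page when the
/// user id in the "userid" cookie has no row in T_Company.
/// </summary>
public static void CheckCompany()
{
    CheckCookies("username");

    System.Web.HttpCookie userIdCookie = System.Web.HttpContext.Current.Request.Cookies["userid"];
    if (userIdCookie == null)
    {
        return;
    }

    // The cookie value comes from the client, so it is passed as a parameter instead of
    // being concatenated into the SQL text. A value the server cannot compare with
    // F_UseID makes the query fail, which counts as "no company", as a failing query did before.
    // NOTE(review): the id itself is still whatever the client sent; it is not tied to the signed-in user here.
    int companyCount = 0;
    using (SqlCommand cmd = new SqlCommand("select Count(*) from T_Company where F_UseID=@userId"))
    {
        cmd.Parameters.AddWithValue("@userId", userIdCookie.Value);
        DataSet ds = Comm.Execute_Sql_Re_Ds(cmd);
        if (ds != null)
        {
            companyCount = Convert.ToInt32(ds.Tables[0].Rows[0][0]);
        }
    }

    if (companyCount <= 0)
    {
        Comm.NewLocation("请先添加企业资料", "../User/CompanyEdit.aspx",true);
    }
}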
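/// <summary>
/// Splits article HTML into pages at line-break or paragraph-end tags and returns the page
/// selected by the "page" request parameter, followed by page links.
/// </summary>
/// <param name="articleid">Article id placed in the "id" query value of each page link.</param>
/// <param name="strcontent">Full article HTML; it is returned without encoding.</param>
/// <param name="ContentLen">Minimum number of characters per page.</param>
/// <returns>The HTML of the current page plus page links, or the whole content when it is not split.</returns>
public static string Pagination(string articleid,string strcontent, int ContentLen)
{
    int i, BeginPoint, EndPoint, pages, Breakpoint, CurrentPage, pagecount, pagesize;
    string articletext = "", contenttext;

    Breakpoint = 0;
    BeginPoint = 0; // position where the search for the next page starts
    EndPoint = 0;
    pagesize = ContentLen; // minimum number of characters per page
    pagecount = 0;

    // The "page" parameter comes from the request. Anything that is not a positive
    // integer falls back to page 1; Convert.ToInt32 used to throw on such values.
    CurrentPage = 1;
    int requestedPage;
    if (int.TryParse(System.Web.HttpContext.Current.Request.Params["page"], out requestedPage) && requestedPage >= 1)
    {
        CurrentPage = requestedPage;
    }

    contenttext = strcontent;

    // A page size of zero used to divide by zero below; treat it as "do not split".
    if (pagesize <= 0)
    {
        return contenttext;
    }

    if (contenttext.Length >= pagesize) // long enough to be split
    {
        pages = contenttext.Length / pagesize; // rough upper bound on the page count
        for (i = 0; i <= pages; i++)
        {
            // Look for a break point only while a full page still fits after BeginPoint;
            // otherwise Breakpoint keeps the value found in the previous round.
            if (BeginPoint + pagesize < contenttext.Length)
            {
                Breakpoint = contenttext.IndexOf("<br />", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("<BR />", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("</P>", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("</p>", BeginPoint + pagesize);
            }

            if (Breakpoint <= 0) // no break point found: the whole content is the result
            {
                articletext = contenttext;
            }
            else
            {
                EndPoint = Breakpoint; // the break point ends this page
                if (BeginPoint + pagesize >= contenttext.Length) // last page runs to the end of the content
                    EndPoint = contenttext.Length;
                if (CurrentPage == i + 1) // this is the requested page
                    articletext = contenttext.Substring(BeginPoint, EndPoint - BeginPoint);
                BeginPoint = Breakpoint; // the next page starts at this break point
                pagecount++;
            }
        }
    }
    else
    {
        articletext = contenttext;
    }

    if (pagecount > 1)
    {
        // The id ends up inside a single-quoted href, so it is URL-encoded and any remaining
        // apostrophe is percent-encoded; plain numeric ids are unchanged by this.
        string safeId = articleid == null ? "" : System.Web.HttpUtility.UrlEncode(articleid).Replace("'", "%27");

        articletext += "<p>";
        for (i = 1; i <= pagecount; i++)
        {
            if (i == CurrentPage)
                articletext += "<b>[" + i + "]</b> ";
            else
                articletext += "<a href='?id=" + safeId + "&page=" + i + "'>[" + i + "]</a>";
        }
    }
    return articletext;
}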
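/// <summary>
/// StringBuilder variant of Pagination: splits article HTML into pages at line-break or
/// paragraph-end tags and returns the page selected by the "page" request parameter,
/// followed by page links.
/// </summary>
/// <param name="articleid">Article id placed in the "id" query value of each page link.</param>
/// <param name="strcontent">Full article HTML; it is returned without encoding.</param>
/// <param name="ContentLen">Minimum number of characters per page.</param>
/// <returns>The HTML of the current page plus page links, or the whole content when it is not split.</returns>
public static StringBuilder AutoPagination(string articleid, string strcontent, int ContentLen)
{
    int i, BeginPoint, EndPoint, pages, Breakpoint, CurrentPage, pagecount, pagesize;
    string contenttext;
    StringBuilder articletext = new StringBuilder();

    Breakpoint = 0;
    BeginPoint = 0; // position where the search for the next page starts
    EndPoint = 0;
    pagesize = ContentLen; // minimum number of characters per page
    pagecount = 0;

    // The "page" parameter comes from the request. Anything that is not a positive
    // integer falls back to page 1; Convert.ToInt32 used to throw on such values.
    CurrentPage = 1;
    int requestedPage;
    if (int.TryParse(System.Web.HttpContext.Current.Request.Params["page"], out requestedPage) && requestedPage >= 1)
    {
        CurrentPage = requestedPage;
    }

    contenttext = strcontent;

    // A page size of zero used to divide by zero below; treat it as "do not split".
    if (pagesize <= 0)
    {
        articletext.Append(contenttext);
        return articletext;
    }

    if (contenttext.Length >= pagesize) // long enough to be split
    {
        pages = contenttext.Length / pagesize; // rough upper bound on the page count
        for (i = 0; i <= pages; i++)
        {
            // Look for a break point only while a full page still fits after BeginPoint;
            // otherwise Breakpoint keeps the value found in the previous round.
            if (BeginPoint + pagesize < contenttext.Length)
            {
                Breakpoint = contenttext.IndexOf("<br />", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("<BR />", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("</P>", BeginPoint + pagesize);
                if (Breakpoint <= 0)
                    Breakpoint = contenttext.IndexOf("</p>", BeginPoint + pagesize);
            }

            if (Breakpoint <= 0) // no break point found: the whole content is the result
            {
                articletext.Remove(0, articletext.Length);
                articletext.Append(contenttext);
            }
            else
            {
                EndPoint = Breakpoint; // the break point ends this page
                if (BeginPoint + pagesize >= contenttext.Length) // last page runs to the end of the content
                    EndPoint = contenttext.Length;
                if (CurrentPage == i + 1) // this is the requested page
                {
                    articletext.Remove(0, articletext.Length);
                    articletext.Append(contenttext.Substring(BeginPoint, EndPoint - BeginPoint));
                }
                BeginPoint = Breakpoint; // the next page starts at this break point
                pagecount++;
            }
        }
    }
    else
    {
        articletext.Append(contenttext);
    }

    if (pagecount > 1)
    {
        // The id ends up inside a single-quoted href, so it is URL-encoded and any remaining
        // apostrophe is percent-encoded; plain numeric ids are unchanged by this.
        string safeId = articleid == null ? "" : System.Web.HttpUtility.UrlEncode(articleid).Replace("'", "%27");

        articletext.Append("<p>");
        for (i = 1; i <= pagecount; i++)
        {
            if (i == CurrentPage)
                articletext.Append("<b>[" + i + "]</b> ");
            else
                articletext.Append("<a href='?id=" + safeId + "&page=" + i + "'>[" + i + "]</a>");
        }
    }
    return articletext;
}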
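/// <summary>
/// Prepares plain text for display in HTML: encodes angle brackets and quotes, turns line
/// feeds into line-break tags and drops carriage returns.
/// </summary>
/// <param name="chr">Text to convert.</param>
/// <returns>The converted text, or an empty string for null or empty input.</returns>
public static string htmlstr(string chr)
{
    // The original guard tested "null AND empty", which can never be true, so a null
    // argument went on to throw on the first Replace.
    if (string.IsNullOrEmpty(chr))
        return "";

    // NOTE(review): the listing showed the replacement targets already decoded and the
    // escapes with forward slashes, and one line did not compile. They are reconstructed
    // here as the standard character references and CR/LF escapes; confirm against the original file.
    // '&' is not encoded, so existing character references in the input pass through
    // unchanged; HttpUtility.HtmlEncode is the complete encoder when that matters.
    chr = chr.Replace("<", "&lt;");
    chr = chr.Replace(">", "&gt;");
    chr = chr.Replace("\n", "<br>");
    chr = chr.Replace("\"", "&quot;");
    chr = chr.Replace("'", "&#39;");
    chr = chr.Replace("\r", "");
    return chr;
}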
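/// <summary>
/// Returns the current local time as a 14-digit string (for example 20050922101010),
/// used when renaming uploaded images.
/// </summary>
/// <returns>The timestamp in yyyyMMddHHmmss form.</returns>
public static string GetUniqueString()
{
    // "HH" is the 24-hour clock. The previous "hh" produced the same string twelve hours
    // apart, so a morning and an afternoon upload could get the same name. The invariant
    // culture keeps the digits and calendar independent of the thread culture.
    // NOTE(review): the value has one-second resolution and is predictable, so two calls
    // in the same second still collide; combine it with a Guid where names must be unique.
    return DateTime.Now.ToString("yyyyMMddHHmmss", System.Globalization.CultureInfo.InvariantCulture);
}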
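/// <summary>
/// Keyword check for SQL fragments in user input.
/// </summary>
/// <param name="InText">Text to inspect.</param>
/// <returns>true if a listed keyword occurs next to a space; false otherwise, including for null.</returns>
public static bool SqlFilter(string InText)
{
    // NOTE(review): a keyword list is a heuristic only. It misses input that uses no space
    // next to the keyword and flags ordinary text such as "for sale" (which contains "or ").
    // Queries should pass values through SqlParameter whatever this method returns.
    // NOTE(review): the entries "20%and20%" and "20%master20%" look like a mistyped "%20",
    // and " master " can only match with doubled spaces; confirm the intended list.
    string word = "and|20%and20%|insert|select|delete|update|chr|mid| master |20%master20%|or|truncate|char|declare|join";
    if (InText == null)
        return false;

    // Lower-case once, culture-independently. Under a Turkish culture ToLower() turns "I"
    // into a dotless i, so "INSERT" would no longer match "insert".
    string lowered = InText.ToLowerInvariant();
    foreach (string i in word.Split('|'))
    {
        if (lowered.IndexOf(i + " ", StringComparison.Ordinal) > -1
            || lowered.IndexOf(" " + i, StringComparison.Ordinal) > -1)
        {
            return true;
        }
    }
    return false;
}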
}
}