表单Form辅助类的设计

  其实，我们日常开发的大多是管理软件，而管理软件的核心就是表单处理——所谓信息化，不就是把企业里大量的文档和管理资料通过 IT 手段数字化、信息化吗？所以表单在系统中占有重要位置。但在大型项目中，我们不可能像 demo 那样逐个控件手写数据绑定；面对大量的表单重用和用户控件的使用，必须采用一种可复用的设计来满足项目需求。

1.首先看如何从 URL 链接中取值并绑定到控件上

通过URI绑定数据
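/// <summary>
/// Reads the named query-string parameters of the current request and binds each value to
/// the server control at the same index in <paramref name="contrlNameArr"/>.
/// </summary>
/// <param name="queryStringArr">Query-string parameter names to read.</param>
/// <param name="contrlNameArr">Server control IDs, parallel to <paramref name="queryStringArr"/>.</param>
/// <param name="container">Control whose <c>FindControl</c> resolves those IDs.</param>
/// <remarks>
/// Unlike <c>QueryForm</c>, every target here must be a server-side control: the value is
/// assigned through <c>BindValueToControl</c> to the control's own property instead of being
/// concatenated into inline script. Parameters absent from the query string are skipped;
/// present values are trimmed before binding.
/// </remarks>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="contrlNameArr"/> is shorter than <paramref name="queryStringArr"/>.</exception>
public static void BindControlsValue(string[] queryStringArr, string[] contrlNameArr, Control container)
{
    if (queryStringArr == null) throw new ArgumentNullException("queryStringArr");
    if (contrlNameArr == null) throw new ArgumentNullException("contrlNameArr");
    if (container == null) throw new ArgumentNullException("container");
    // The arrays are parallel; a shorter control array would otherwise fail half-way through
    // with an IndexOutOfRangeException after some controls had already been bound.
    if (contrlNameArr.Length < queryStringArr.Length)
        throw new ArgumentException("contrlNameArr must have an entry for every element of queryStringArr.", "contrlNameArr");

    for (int i = 0; i < queryStringArr.Length; i++)
    {
        string rawValue = HttpContext.Current.Request.QueryString[queryStringArr[i]];
        if (rawValue == null)
            continue;

        BindValueToControl(rawValue.Trim(), contrlNameArr[i], container);
    }
}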

2.遍历传入的数组，依次得到参数值 queryString、控件名 contrlName 和控件容器 container，再交给 BindValueToControl 按控件类型赋值

代码
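/// <summary>
/// Assigns one string value to the control named <paramref name="ctrlName"/> inside
/// <paramref name="container"/>, choosing how to assign it by the control's type.
/// </summary>
/// <param name="value">Value to bind (the callers in this class pass it already trimmed).</param>
/// <param name="ctrlName">ID passed to <c>container.FindControl</c>.</param>
/// <param name="container">Page or user control that owns the target control.</param>
/// <remarks>
/// Behaviour per control type:
/// <list type="bullet">
/// <item><c>ListControl</c>: the item whose <c>Value</c> equals <paramref name="value"/> is
/// selected; when none matches, <c>FindByValue</c> returns null and <c>IndexOf</c> yields -1,
/// which clears the selection.</item>
/// <item><c>TextBox</c>: <c>Text</c> is set verbatim.</item>
/// <item><c>CheckBox</c> (and therefore <c>RadioButton</c>, which derives from it): checked only
/// when the value is exactly "1"; any other value leaves the current state untouched — the
/// control is never un-checked here.</item>
/// </list>
/// A control that is not found, or of any other type, is silently ignored.
/// </remarks>
/// <exception cref="ArgumentNullException"><paramref name="container"/> is null.</exception>
public static void BindValueToControl(string value, string ctrlName, Control container)
{
    if (container == null)
        throw new ArgumentNullException("container");

    Control target = container.FindControl(ctrlName);
    if (target == null)
        return;

    ListControl list = target as ListControl;
    if (list != null)
    {
        // The original wrapped this in `catch (Exception exc) { throw exc; }`, which only
        // discarded the stack trace. Let any exception propagate unchanged.
        list.SelectedIndex = list.Items.IndexOf(list.Items.FindByValue(value));
        return;
    }

    TextBox textBox = target as TextBox;
    if (textBox != null)
    {
        textBox.Text = value;
        return;
    }

    // RadioButton inherits from CheckBox, so this one branch handles both. The original's
    // separate RadioButton branch was unreachable (the CheckBox test matched first) and did
    // exactly the same thing, so behaviour is unchanged.
    CheckBox checkBox = target as CheckBox;
    if (checkBox != null && value == "1")
    {
        checkBox.Checked = true;
    }
}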

3.获取提交的信息（通过生成客户端脚本回填表单。注意：参数值会被写进 JavaScript 字符串字面量，必须先做 JS 转义，否则会造成反射型 XSS）

代码
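/// <summary>
/// Builds an inline script that pushes the current request's query-string values into
/// client-side form fields by calling the page's JavaScript function <c>WebVlaue(name, value)</c>
/// once for every listed parameter that is present.
/// </summary>
/// <param name="QryArr">Query-string parameter names to read.</param>
/// <param name="FormArr">Client-side field names, parallel to <paramref name="QryArr"/>.</param>
/// <param name="FieldType">Not used by this method; kept for signature compatibility.</param>
/// <returns>A <c>&lt;Script&gt;</c> block, or the empty string when no listed parameter is present.</returns>
/// <remarks>
/// Every value is attacker-controlled and is emitted inside a JavaScript string literal. The
/// original concatenated it raw, so <c>?x=');alert(1);//</c> closed the literal and executed
/// (reflected XSS). Both the field name and the value now go through <c>EscapeJsString</c>.
/// The function name <c>WebVlaue</c> (sic) is what the pages define client-side; do not rename it.
/// </remarks>
/// <exception cref="ArgumentNullException"><paramref name="QryArr"/> or <paramref name="FormArr"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="FormArr"/> is shorter than <paramref name="QryArr"/>.</exception>
public static string QueryForm(string[] QryArr, string[] FormArr, int[] FieldType)
{
    if (QryArr == null) throw new ArgumentNullException("QryArr");
    if (FormArr == null) throw new ArgumentNullException("FormArr");
    if (FormArr.Length < QryArr.Length)
        throw new ArgumentException("FormArr must have an entry for every element of QryArr.", "FormArr");

    string js = "";
    for (int i = 0; i < QryArr.Length; i++)
    {
        string raw = HttpContext.Current.Request.QueryString[QryArr[i]];
        if (raw == null)
            continue;

        // Both arguments land inside single-quoted JS literals; escape them for that context.
        js += " WebVlaue('" + EscapeJsString(FormArr[i]) + "','" + EscapeJsString(raw.Trim()) + "');";
    }

    if (js.Length == 0)
        return "";
    return "<Script language='JavaScript'> " + js + "</Script>";
}

/// <summary>
/// Escapes a value for embedding inside a quoted JavaScript string literal that itself sits in
/// an HTML <c>&lt;script&gt;</c> block: backslash and both quote characters are backslash-escaped,
/// CR/LF become <c>\r</c>/<c>\n</c>, and <c>&lt;</c>, <c>&gt;</c>, <c>&amp;</c> plus the JS line
/// terminators U+2028/U+2029 become <c>\uXXXX</c>, so the value can close neither the literal nor
/// the surrounding <c>&lt;script&gt;</c> element. On .NET 4+ <c>HttpUtility.JavaScriptStringEncode</c>
/// could replace this helper.
/// </summary>
/// <param name="s">Raw text; null is treated as empty.</param>
/// <returns>The escaped text, safe to place between JS quotes.</returns>
private static string EscapeJsString(string s)
{
    if (string.IsNullOrEmpty(s))
        return "";
    // Backslash first, so the escapes added afterwards are not themselves re-escaped.
    return s.Replace("\\", "\\\\")
            .Replace("'", "\\'")
            .Replace("\"", "\\\"")
            .Replace("\r", "\\r")
            .Replace("\n", "\\n")
            .Replace("<", "\\u003c")
            .Replace(">", "\\u003e")
            .Replace("&", "\\u0026")
            .Replace("\u2028", "\\u2028")
            .Replace("\u2029", "\\u2029");
}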

4.根据提交的值生成链接后缀

代码
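/// <summary>
/// Builds a query-string suffix (<c>&amp;name=value&amp;name2=value2</c>, leading ampersand
/// included) from caller-supplied values, sanitising each value with <c>SafeData</c> according
/// to its field type and then URL-encoding it.
/// </summary>
/// <param name="QryArr">Parameter names to emit (developer-supplied, emitted as-is).</param>
/// <param name="QryValue">Values, parallel to <paramref name="QryArr"/>; null or empty entries are skipped.</param>
/// <param name="FieldType">
/// Per-field type code: 1 = int (numeric check); 4/5 = start/end time (date check);
/// 2/3/6/7/9/10 = string-like (quote, semicolon and "--" stripped). Any other code emits nothing.
/// </param>
/// <returns>The suffix, or the empty string when no field produced a value.</returns>
/// <remarks>
/// Values are passed through <c>HttpUtility.UrlEncode</c> after <c>SafeData</c>. The original
/// appended them raw, so a value containing <c>&amp;</c> or <c>=</c> could add or override other
/// parameters in the generated link, and spaces or non-ASCII text would not round-trip.
/// </remarks>
/// <exception cref="ArgumentNullException">An array argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="QryValue"/> or <paramref name="FieldType"/> is shorter than <paramref name="QryArr"/>.</exception>
public static String QueryString(string[] QryArr, string[] QryValue, int[] FieldType)
{
    if (QryArr == null) throw new ArgumentNullException("QryArr");
    if (QryValue == null) throw new ArgumentNullException("QryValue");
    if (FieldType == null) throw new ArgumentNullException("FieldType");
    if (QryValue.Length < QryArr.Length || FieldType.Length < QryArr.Length)
        throw new ArgumentException("QryValue and FieldType must have an entry for every element of QryArr.");

    string suffix = "";
    for (int i = 0; i < QryArr.Length; i++)
    {
        // Same test as the original `!= "" & != null`, without the non-short-circuit operator.
        if (string.IsNullOrEmpty(QryValue[i]))
            continue;

        // Translate the field type to SafeData's ParaType (0 string, 1 numeric, 2 date).
        int paraType;
        switch (FieldType[i])
        {
            case 1:                   // int
                paraType = 1;
                break;
            case 4:                   // start time
            case 5:                   // end time
                paraType = 2;
                break;
            case 2:                   // varchar =
            case 3:                   // varchar like
            case 6:                   // in (CHARINDEX form)
            case 7:                   // in (...)
            case 9:                   // year()
            case 10:                  // month()
                paraType = 0;
                break;
            default:                  // 8 and anything unlisted: not emitted, as before
                continue;
        }

        suffix += "&" + QryArr[i] + "=" + HttpUtility.UrlEncode(SafeData(QryValue[i], paraType));
    }
    return suffix;
}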
5.从当前链接参数生成链接后缀

代码
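/// <summary>
/// Builds a query-string suffix (<c>&amp;name=value...</c>, leading ampersand included) that
/// re-emits the listed parameters of the current request, sanitising each value with
/// <c>SafeData</c> according to its field type and then URL-encoding it.
/// </summary>
/// <param name="QryArr">Parameter names to read from the request and emit (developer-supplied).</param>
/// <param name="FieldType">
/// Per-field type code: 1 = int (numeric check); 4/5 = start/end time (date check);
/// 2/3/6/7/9/10 = string-like (quote, semicolon and "--" stripped). Any other code emits nothing.
/// </param>
/// <returns>The suffix, or the empty string when no listed parameter is present and non-empty.</returns>
/// <remarks>
/// Values come straight from the request and are re-emitted into a URL, so they are
/// <c>HttpUtility.UrlEncode</c>d after <c>SafeData</c>; the original appended them raw, letting
/// a value containing <c>&amp;</c> inject extra parameters into the generated link.
/// Type 7 was missing from this overload although both <c>QueryString(string[], string[], int[])</c>
/// and <c>QuerySql</c> handle it; it is treated as string-like here for consistency.
/// </remarks>
/// <exception cref="ArgumentNullException">An array argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="FieldType"/> is shorter than <paramref name="QryArr"/>.</exception>
public static String QueryString(string[] QryArr, int[] FieldType)
{
    if (QryArr == null) throw new ArgumentNullException("QryArr");
    if (FieldType == null) throw new ArgumentNullException("FieldType");
    if (FieldType.Length < QryArr.Length)
        throw new ArgumentException("FieldType must have an entry for every element of QryArr.", "FieldType");

    string suffix = "";
    for (int i = 0; i < QryArr.Length; i++)
    {
        string raw = HttpContext.Current.Request.QueryString[QryArr[i]];
        if (raw == null)
            continue;
        string value = raw.Trim();
        if (value.Length == 0)
            continue;

        // Translate the field type to SafeData's ParaType (0 string, 1 numeric, 2 date).
        int paraType;
        switch (FieldType[i])
        {
            case 1:                   // int
                paraType = 1;
                break;
            case 4:                   // start time
            case 5:                   // end time
                paraType = 2;
                break;
            case 2:                   // varchar =
            case 3:                   // varchar like
            case 6:                   // in (CHARINDEX form)
            case 7:                   // in (...) — previously dropped by this overload
            case 9:                   // year()
            case 10:                  // month()
                paraType = 0;
                break;
            default:                  // 8 and anything unlisted: not emitted, as before
                continue;
        }

        suffix += "&" + QryArr[i] + "=" + HttpUtility.UrlEncode(SafeData(value, paraType));
    }
    return suffix;
}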
6.根据链接参数生成查询语句（WHERE 条件片段）

代码
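/// <summary>
/// Builds a SQL WHERE fragment from the current request's query string: for every listed
/// parameter that is present and non-empty, appends <c>" and &lt;column&gt; &lt;op&gt; &lt;value&gt;"</c>
/// with the operator chosen by the field type. The fragment starts with <c>" and "</c>, so
/// callers append it to an existing WHERE clause (e.g. <c>where 1=1</c>).
/// </summary>
/// <param name="QryArr">Query-string parameter names.</param>
/// <param name="FieldArr">Column expressions, parallel to <paramref name="QryArr"/> (developer-supplied, emitted as-is).</param>
/// <param name="FieldType">
/// 1: <c>col=n</c> (numeric) — 2: <c>col='v'</c> — 3: <c>col like '%v%'</c> —
/// 4: <c>col &gt;= 'd'</c> — 5: <c>col &lt;= 'd 23:59:59'</c> —
/// 6: <c>CHARINDEX(',v,', ','+col+',')&gt;0</c> (value is one member of a comma-separated column) —
/// 7: <c>col in (v1,v2,...)</c> — 9: <c>year(col)=n</c> — 10: <c>month(col)=n</c>. Other codes are skipped.
/// </param>
/// <returns>The fragment, or the empty string when nothing matched.</returns>
/// <remarks>
/// SECURITY: this concatenates request data into SQL and relies on <c>SafeData</c>'s character
/// stripping, which only helps where the value sits inside a quoted literal (types 2–6).
/// Bare positions were exploitable in the original: types 9/10 called <c>SafeData(v, 0)</c>,
/// which strips only <c>'</c>, <c>;</c>, <c>--</c> and never rejects, so <c>?year=1 or 1=1</c>
/// went straight through; type 7 placed the raw list inside <c>in (...)</c>, so
/// <c>?x=1) or 1=1 or (1</c> did too. This version validates 9/10 as numeric and restricts every
/// IN-list token via <c>SafeInList</c>. The real fix is to return parameters instead of text,
/// which would change the callers' contract and is therefore not done here.
/// Also fixed: type 7 emitted <c>col + "in ("</c> with no space, producing <c>colin (...)</c>.
/// </remarks>
/// <exception cref="ArgumentNullException">An array argument is null.</exception>
/// <exception cref="ArgumentException">Array lengths disagree, or a type-7 value contains an unsafe token.</exception>
public static String QuerySql(string[] QryArr, string[] FieldArr, int[] FieldType)
{
    if (QryArr == null) throw new ArgumentNullException("QryArr");
    if (FieldArr == null) throw new ArgumentNullException("FieldArr");
    if (FieldType == null) throw new ArgumentNullException("FieldType");
    if (FieldArr.Length < QryArr.Length || FieldType.Length < QryArr.Length)
        throw new ArgumentException("FieldArr and FieldType must have an entry for every element of QryArr.");

    const string WhereAnd = " and ";
    string sql = "";
    for (int i = 0; i < QryArr.Length; i++)
    {
        string raw = HttpContext.Current.Request.QueryString[QryArr[i]];
        if (raw == null)
            continue;
        string value = raw.Trim();
        if (value.Length == 0)
            continue;

        string column = FieldArr[i];
        switch (FieldType[i])
        {
            case 1:   // int: SafeData(…,1) validates the value is numeric before it is placed bare
                sql += WhereAnd + column + "=" + SafeData(value, 1);
                break;
            case 2:   // varchar =
                sql += WhereAnd + column + "='" + SafeData(value, 0) + "'";
                break;
            case 3:   // varchar like
                sql += WhereAnd + column + " like '%" + SafeData(value, 0) + "%'";
                break;
            case 4:   // start time (date-validated by SafeData(…,2))
                sql += WhereAnd + column + " >= '" + SafeData(value, 2) + "'";
                break;
            case 5:   // end time, inclusive up to the last second of that day
                sql += WhereAnd + column + " <= '" + SafeData(value, 2) + " 23:59:59'";
                break;
            case 6:   // membership test against a comma-separated column
                sql += WhereAnd + "CHARINDEX('," + SafeData(value, 0) + ",', ','+" + column + "+',')>0";
                break;
            case 7:   // in (...): the list is placed bare, so every token is whitelisted
                sql += WhereAnd + column + " in (" + SafeInList(SafeData(value, 0), QryArr[i]) + ")";
                break;
            case 9:   // year(): bare numeric position — was type 0 (string), now numeric-validated
                sql += WhereAnd + "year(" + column + ")=" + SafeData(value, 1);
                break;
            case 10:  // month(): same as year()
                sql += WhereAnd + "month(" + column + ")=" + SafeData(value, 1);
                break;
            default:
                break;
        }
    }

    return sql;
}

/// <summary>
/// Validates a comma-separated IN-list for bare placement in SQL and returns it re-joined with
/// single commas. Each token must be non-empty and consist only of ASCII letters, digits,
/// <c>_</c> or <c>.</c>, optionally with one leading <c>-</c>; spaces, parentheses, operators and
/// quotes are rejected so the value cannot close the <c>in (...)</c> and append conditions.
/// </summary>
/// <param name="list">Comma-separated values (already passed through <c>SafeData</c>).</param>
/// <param name="paramName">Query-string parameter name, for the error message only.</param>
/// <returns>The normalised list.</returns>
/// <exception cref="ArgumentException">A token is empty or contains a disallowed character.</exception>
private static string SafeInList(string list, string paramName)
{
    string[] tokens = list.Split(',');
    for (int t = 0; t < tokens.Length; t++)
    {
        string token = tokens[t].Trim();
        if (!IsSafeInListToken(token))
            throw new ArgumentException("Query parameter '" + paramName + "' contains an invalid IN-list value.");
        tokens[t] = token;
    }
    return string.Join(",", tokens);
}

/// <summary>
/// True when <paramref name="token"/> is non-empty and matches <c>^-?[A-Za-z0-9_.]+$</c>
/// (ASCII only; no regex dependency).
/// </summary>
private static bool IsSafeInListToken(string token)
{
    if (token.Length == 0)
        return false;
    for (int k = 0; k < token.Length; k++)
    {
        char c = token[k];
        bool ok = (c >= '0' && c <= '9')
               || (c >= 'a' && c <= 'z')
               || (c >= 'A' && c <= 'Z')
               || c == '_' || c == '.'
               || (c == '-' && k == 0);
        if (!ok)
            return false;
    }
    return true;
}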
7.获取链接QueryDictionary

代码
/// <summary>
/// Collects the listed query-string parameters of the current request into a dictionary keyed
/// by parameter name, each value trimmed and passed through <c>SafeData(value, 0)</c>.
/// </summary>
/// <param name="QryArr">Query-string parameter names to look up.</param>
/// <returns>A <c>HybridDictionary</c> holding only the parameters that were present and non-empty.</returns>
/// <remarks>
/// <c>HybridDictionary.Add</c> throws on a duplicate key, so <paramref name="QryArr"/> must not
/// repeat a name. Values are sanitised as type-0 strings only (quote, semicolon and "--"
/// stripped); numeric or date parameters get no validation on this path.
/// </remarks>
public static IDictionary QueryDictionary(string[] QryArr)
{
    HybridDictionary result = new HybridDictionary();

    foreach (string name in QryArr)
    {
        string raw = HttpContext.Current.Request.QueryString[name];
        if (raw == null)
            continue;

        string trimmed = raw.Trim();
        if (trimmed.Length == 0)
            continue;

        result.Add(name, SafeData(trimmed, 0));
    }

    return result;
}
8.防止SQL注入（注意：下面的 SafeData 只是对字符做黑名单过滤，仅对被引号包裹的值有一定防护，不能替代参数化查询；直接拼接到 SQL 中的数字或 in 列表必须另行校验）

代码
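/// <summary>
/// Blacklist-style sanitiser used by the query builders in this class before a request value is
/// concatenated into SQL or a URL. Strips <c>'</c>, <c>;</c> and <c>--</c> from the value and,
/// for numeric and date parameters, validates the ORIGINAL value; on an invalid value it shows
/// an alert, navigates the browser back and ends the response.
/// </summary>
/// <param name="ParaValue">Value to check; null is treated as the empty string.</param>
/// <param name="ParaType">0 = string, 1 = numeric, 2 = date/time. Other codes only strip.</param>
/// <returns>The stripped value (a string — the original doc comment wrongly said a bool).</returns>
/// <remarks>
/// NOTE(review): this is not a substitute for parameterised SQL. Character stripping protects only
/// values that end up inside a quoted literal; a value placed bare into SQL (numeric positions,
/// IN lists) must be validated as a number or token by the caller. Stripping also silently alters
/// legitimate input that contains an apostrophe (e.g. <c>O'Brien</c>).
/// Type 0 never rejects: the original compared the already-stripped value against <c>'</c>,
/// a check that could not fire, so the observable behaviour is "strip only" and is kept.
/// </remarks>
public static string SafeData(string ParaValue, int ParaType)
{
    if (ParaValue == null)
        ParaValue = "";

    // Each Replace removes every occurrence, so the removed tokens cannot be re-formed from the
    // leftovers (e.g. "---" becomes "-", not "--").
    string SafeValue = ParaValue.Trim().Replace("'", "").Replace(";", "").Replace("--", "");

    bool invalid = false;
    switch (ParaType)
    {
        case 1:
            // Numeric: blank is allowed (callers skip blanks); anything else must be numeric.
            // `&&` replaces the original non-short-circuit `&`, so IsNumeric is not evaluated for blanks.
            invalid = !ValidateUtil.IsBlank(ParaValue) && !ValidateUtil.IsNumeric(ParaValue);
            break;
        case 2:
            // Date/time: validated on the original value; blank is NOT accepted here, as before.
            invalid = !DateUtil.IsDateTime(ParaValue);
            break;
        default:
            // Type 0 (string) and unknown codes: strip only, never reject.
            break;
    }

    if (invalid)
    {
        ScriptUtil.Alert("参数非法!");
        ScriptUtil.GoHistory(-1);
        // In classic ASP.NET, Response.End aborts the request; nothing after it runs.
        HttpContext.Current.Response.End();
    }
    return SafeValue;
}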
