public static class OracleDBHelper
{
public static OracleCommand cmd = null;
public static OracleConnection conn = null;
public static string connstr = ConfigurationManager.ConnectionStrings["DbInsured_oracle"].ConnectionString;
#region 获取Guid方法
public static string GetGuid()
{
string guid = Guid.NewGuid().ToString();
return guid;
}
#endregion
#region 建立数据库连接对象
/// <summary>
/// 建立数据库连接
/// </summary>
/// <returns>返回一个数据库的连接OracleConnection对象</returns>
public static OracleConnection init()
{
try
{
conn = new OracleConnection(connstr);
if (conn.State != ConnectionState.Open)
{
conn.Open();
}
}
catch (Exception e)
{
throw new Exception(e.Message.ToString());
}
return conn;
}
#endregion
#region 设置OracleCommand对象
/// <summary>
/// 设置OracleCommand对象
/// </summary>
/// <param name="cmd">OracleCommand对象 </param>
/// <param name="cmdText">命令文本</param>
/// <param name="cmdType">命令类型</param>
/// <param name="cmdParms">参数集合</param>
private static void SetCommand(OracleCommand cmd, string cmdText, CommandType cmdType, OracleParameter[] cmdParms)
{
cmd.Connection = conn;
cmd.CommandText = cmdText;
cmd.CommandType = cmdType;
if (cmdParms != null)
{
cmd.Parameters.AddRange(cmdParms);
}
}
#endregion
#region 执行相应的sql语句,返回相应的DataSet对象
/// <summary>
/// 执行相应的sql语句,返回相应的DataSet对象
/// </summary>
/// <param name="sqlstr">sql语句</param>
/// <returns>返回相应的DataSet对象</returns>
public static DataSet GetDataSet(string sqlstr)
{
DataSet set = new DataSet();
try
{
init();
OracleDataAdapter adp = new OracleDataAdapter(sqlstr, conn);
adp.Fill(set);
conn.Close();
}
catch (Exception e)
{
throw new Exception(e.Message.ToString());
}
return set;
}
#endregion
#region 执行相应的sql语句,返回相应的DataSet对象
/// <summary>
/// 执行相应的sql语句,返回相应的DataSet对象
/// </summary>
/// <param name="sqlstr">sql语句</param>
/// <param name="tableName">表名</param>
/// <returns>返回相应的DataSet对象</returns>
public static DataSet GetDataSet(string sqlstr, string tableName)
{
DataSet set = new DataSet();
try
{
init();
OracleDataAdapter adp = new OracleDataAdapter(sqlstr, conn);
adp.Fill(set, tableName);
conn.Close();
}
catch (Exception e)
{
throw new Exception(e.Message.ToString());
}
return set;
}
#endregion
#region 执行不带参数sql语句,返回所影响的行数
/// <summary>
/// 执行不带参数sql语句,返回所影响的行数
/// </summary>
/// <param name="cmdstr">增,删,改sql语句</param>
/// <returns>返回所影响的行数</returns>
public static int ExecuteNonQuery(string cmdText)
{
int count;
try
{
init();
cmd = new OracleCommand(cmdText, conn);
count = cmd.ExecuteNonQuery();
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return count;
}
#endregion
#region 执行带参数sql语句或存储过程,返回所影响的行数
/// <summary>
/// 执行带参数sql语句或存储过程,返回所影响的行数
/// </summary>
/// <param name="cmdText">带参数的sql语句和存储过程名</param>
/// <param name="cmdType">命令类型</param>
/// <param name="cmdParms">参数集合</param>
/// <returns>返回所影响的行数</returns>
public static int ExecuteNonQuery(string cmdText, CommandType cmdType, OracleParameter[] cmdParms)
{
int count;
try
{
init();
cmd = new OracleCommand();
SetCommand(cmd, cmdText, cmdType, cmdParms);
count = cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return count;
}
#endregion
#region 执行不带参数sql语句,返回一个从数据源读取数据的OracleDataReader对象
/// <summary>
/// 执行不带参数sql语句,返回一个从数据源读取数据的OracleDataReader对象
/// </summary>
/// <param name="cmdstr">相应的sql语句</param>
/// <returns>返回一个从数据源读取数据的OracleDataReader对象</returns>
public static OracleDataReader ExecuteReader(string cmdText)
{
OracleDataReader reader;
try
{
init();
cmd = new OracleCommand(cmdText, conn);
reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return reader;
}
#endregion
#region 执行带参数的sql语句或存储过程,返回一个从数据源读取数据的OracleDataReader对象
/// <summary>
/// 执行带参数的sql语句或存储过程,返回一个从数据源读取数据的OracleDataReader对象
/// </summary>
/// <param name="cmdText">sql语句或存储过程名</param>
/// <param name="cmdType">命令类型</param>
/// <param name="cmdParms">参数集合</param>
/// <returns>返回一个从数据源读取数据的OracleDataReader对象</returns>
public static OracleDataReader ExecuteReader(string cmdText, CommandType cmdType, OracleParameter[] cmdParms)
{
OracleDataReader reader;
try
{
init();
cmd = new OracleCommand();
SetCommand(cmd, cmdText, cmdType, cmdParms);
reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return reader;
}
#endregion
#region 执行带参数的sql语句或存储过程,返回一个从数据源读取数据的DataSet对象
/// <summary>
/// 执行带参数的sql语句或存储过程,返回一个从数据源读取数据的OracleDataReader对象
/// </summary>
/// <param name="cmdText">sql语句或存储过程名</param>
/// <param name="cmdType">命令类型</param>
/// <param name="cmdParms">参数集合</param>
/// <returns>返回一个从数据源读取数据的OracleDataReader对象</returns>
public static DataSet ExecuteReaderByDataSet(string cmdText, CommandType cmdType, OracleParameter[] cmdParms)
{
DataSet set = new DataSet();
try
{
init();
OracleDataAdapter adp = new OracleDataAdapter(cmdText, conn);
adp.SelectCommand.Parameters.AddRange(cmdParms);
adp.Fill(set, "personInfo");
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return set;
}
/// <summary>
/// 不带参数DataSet
/// </summary>
/// <returns></returns>
public static DataSet ExecuteReaderByDataSet(string cmdText)
{
DataSet set = new DataSet();
try
{
init();
OracleDataAdapter adp = new OracleDataAdapter(cmdText, conn);
adp.Fill(set, "Ds");
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return set;
}
#endregion
/// <summary>
/// 读取数据
/// </summary>
/// <param name="cmdText"></param>
/// OracleDataAdapter读取数据
/// <returns></returns>
public static DataSet ExecuteDataReader(string cmdText)
{
OracleDataAdapter odataAdapter;
DataSet ds = new DataSet();
try
{
init();
odataAdapter = new OracleDataAdapter(cmdText, conn);
odataAdapter.Fill(ds, "personInfo");
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return ds;
}
#region 执行不带参数sql语句,返回结果集首行首列的值object
/// <summary>
/// 执行不带参数sql语句,返回结果集首行首列的值object
/// </summary>
/// <param name="cmdstr">相应的sql语句</param>
/// <returns>返回结果集首行首列的值object</returns>
public static object ExecuteScalar(string cmdText)
{
object obj;
try
{
init();
cmd = new OracleCommand(cmdText, conn);
obj = cmd.ExecuteScalar();
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return obj;
}
#endregion
#region 执行带参数sql语句或存储过程,返回结果集首行首列的值object
/// <summary>
/// 执行带参数sql语句或存储过程,返回结果集首行首列的值object
/// </summary>
/// <param name="cmdText">sql语句或存储过程名</param>
/// <param name="cmdType">命令类型</param>
/// <param name="cmdParms">返回结果集首行首列的值object</param>
/// <returns></returns>
public static object ExecuteScalar(string cmdText, CommandType cmdType, OracleParameter[] cmdParms)
{
object obj;
try
{
init();
cmd = new OracleCommand();
SetCommand(cmd, cmdText, cmdType, cmdParms);
obj = cmd.ExecuteScalar();
conn.Close();
}
catch (Exception ex)
{
throw new Exception(ex.Message.ToString());
}
return obj;
}
#endregion
#region DataSet装换为泛型集合
/// <summary>
/// DataSet装换为泛型集合
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="p_DataSet">DataSet</param>
/// <param name="p_TableIndex">待转换数据表索引</param>
/// <returns></returns>
/// 2008-08-01 22:46 HPDV2806
public static IList<T> DataSetToIList<T>(DataSet p_DataSet, int p_TableIndex)
{
if (p_DataSet == null || p_DataSet.Tables.Count < 0)
return null;
if (p_TableIndex > p_DataSet.Tables.Count - 1)
return null;
if (p_TableIndex < 0)
p_TableIndex = 0;
DataTable p_Data = p_DataSet.Tables[p_TableIndex];
// 返回值初始化
IList<T> result = new List<T>();
for (int j = 0; j < p_Data.Rows.Count; j++)
{
T _t = (T)Activator.CreateInstance(typeof(T));
PropertyInfo[] propertys = _t.GetType().GetProperties();
foreach (PropertyInfo pi in propertys)
{
for (int i = 0; i < p_Data.Columns.Count; i++)
{
// 属性与字段名称一致的进行赋值
if (pi.Name.ToLower().Equals(p_Data.Columns[i].ColumnName.ToLower()))
{
try
{
// 数据库NULL值单独处理
if (p_Data.Rows[j][i].GetType() == typeof(DateTime))
{
pi.SetValue(_t, p_Data.Rows[j][i], null);
}else if (p_Data.Rows[j][i] != DBNull.Value)
pi.SetValue(_t, p_Data.Rows[j][i].ToString(), null);
else
pi.SetValue(_t, null, null);
break;
}
catch (Exception ex)
{
throw;
}
}
}
}
result.Add(_t);
}
return result;
}
#endregion
#region 防止SQL注入方法
public static string FilterSql(string s)
{
if (string.IsNullOrEmpty(s)) return string.Empty;
s = s.Trim().ToLower();
s = s.Replace("=", "");
s = s.Replace("'", "");
s = s.Replace(";", "");
s = s.Replace(" or ", "");
s = s.Replace("select", "");
s = s.Replace("update", "");
s = s.Replace("insert", "");
s = s.Replace("delete", "");
s = s.Replace("declare", "");
s = s.Replace("exec", "");
s = s.Replace("drop", "");
s = s.Replace("create", "");
s = s.Replace("%", "");
s = s.Replace("--", "");
return s;
}
#endregion
}
