SQL-服务器查询未在 Umbraco C# 控制器中正确执行
SQL-Server Query not executing correctly in Umbraco C# Controller
所以我的代码似乎 运行 没问题,没有抛出异常或错误,但是当我在 "import complete" 警报跳转后检查我的数据库 table 时,那里什么也没有.
请注意:
我指的是 SaveLT 函数中的查询
这是我的 C# 控制器:
using UmbracoImportExportPlugin.Models;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.Mvc;
using Umbraco.Core.Persistence;
using Umbraco.Web;
using Umbraco.Web.WebApi;
namespace UmbracoImportExportPlugin.App_Code
{
public class ImportNewDictionaryController : UmbracoAuthorizedApiController
{
public string basePath;
//Locate specific path
public void LocatePath()
{
this.basePath = System.Web.Hosting.HostingEnvironment.MapPath(@"/upload");
}
[System.Web.Http.AcceptVerbs("GET", "POST")]
//[System.Web.Http.HttpPost]
public void SaveFile()
{
var myContext = Request.TryGetHttpContext();
List<string> keys = new List<string>();
if (myContext.Success)
{
HttpPostedFileBase myFile = myContext.Result.Request.Files["file"];
if (myFile == null)
{
throw new HttpException("invalid file");
}
else
{
StreamReader csvreader = new StreamReader(myFile.InputStream);
while (!csvreader.EndOfStream)
{
var line = csvreader.ReadLine();
if (line != "Key")
keys.Add(line);
}
}
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsDictionary");
int rem = db.Execute(remove);
foreach (string item in keys)
{
var insert = new Sql("INSERT INTO cmsDictionary VALUES (NEWID(), null,'" + item + "')");
int res = db.Execute(insert);
}
}
}
[System.Web.Http.AcceptVerbs("GET", "POST")]
public void SaveLT()
{
List<string> id = new List<string>();
var myContext = Request.TryGetHttpContext();
List<string> data = new List<string>();
if (myContext.Success)
{
HttpPostedFileBase myFile = myContext.Result.Request.Files["file"];
if (myFile == null)
{
throw new HttpException("invalid file");
}
else
{
StreamReader csvreader = new StreamReader(myFile.InputStream);
while (!csvreader.EndOfStream)
{
var line = csvreader.ReadLine();
if (line != "Value")
data.Add(line);
}
}
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsLanguageText");
int rem = db.Execute(remove);
for (var i = 1; i < 142; i++ )
{
foreach (string lang in data)
{
foreach (string ident in id)
{
Int32.Parse(ident);
var insertNew = new Sql("INSERT INTO cmsLanguageText (languageId, UniqueId, value) VALUES (" + ident + " , NEWID() , '" + lang + "')");
int res = db.Execute(insertNew);
}
}
}
}
}
public List<int> getList()
{
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var select = new Sql("SELECT [id] FROM umbracoLanguage;");
List<int> id = new List<int>();
id = db.Fetch<int>(select);
return id;
}
public String GetUserName()
{
var current = UmbracoContext.Current;
var user = current.UmbracoUser;
return user.Name.ToString();
}
}
}
这是我的 angular.js 控制器:
angular.module("umbraco")
.controller("ILTController", function ($scope, $http) {
$scope.fileUpload = {};
$scope.uploadLanguage = function () {
var uploadUrl = " /umbraco/backoffice/api/ImportNewDictionary/SaveLT";
var fd = new FormData();
fd.append('file', $scope.fileUpload);
$http.post(uploadUrl, fd, {
transformRequest: angular.identity,
headers: { 'Content-Type': undefined }
})
.success(function (data) {
// ok
alert("Import Complete!");
})
.error(function () {
// handle upload error
alert("Import Unsuccessful!");
})
};
});
angular.module("umbraco").directive("qwSingleLanguageUpload", function () {
return {
restrict: "A",
replace: false,
scope: {
myValue: '=qwSingleLanguageUpload'
},
link: function (scope, element, attr) {
element.bind('change', function () {
scope.myValue = element[0].files[0];
if (scope.$$phase) {
scope.$apply();
}
});
}
}
});
我更关心为什么它不将导入的内容(CSV 文件)导入数据库 table 而不是安全性,因为这是一个 Umbraco 后台插件,导入文件选项卡只能访问由具有特定权限的特定用户。在进行 SQL 注入之前,他们必须访问后台,这是毫无意义的,因为该查询正在更改的任何内容都可以由该用户在仪表板上更改。
知道为什么我的数据库 table 可能无法上传吗?我已经设置了断点,并且 foreach 循环是 运行 所以我不确定现在该做什么。
您设置 List<string> id = new List<string>(),然后执行 foreach (string ident in id)。由于 id 是一个空列表,您没有任何可迭代的内容,因此永远不会到达您的 INSERT 语句。
尝试用一些值填充 id 以进行迭代。
除非我在快速通读时误读了您的代码。
与其尝试 SQL 并将其手动插入数据库,Umbraco 实际上有一个本地化服务和模型:
[System.Web.Http.AcceptVerbs("GET", "POST")]
public void SaveLT()
{
var ls = ApplicationContext.Current.Services.LocalizationService;
//create a holder for the item's DictionaryTranslations
List<DictionaryTranslation> _hello = new List<DictionaryTranslation>();
List<DictionaryTranslation> _submit = new List<DictionaryTranslation>();
List<DictionaryTranslation> _form = new List<DictionaryTranslation>();
List<DictionaryTranslation> _bootstrap = new List<DictionaryTranslation>();
List<DictionaryTranslation> _world = new List<DictionaryTranslation>();
List<DictionaryTranslation> _heaven = new List<DictionaryTranslation>();
List<DictionaryTranslation> _hell = new List<DictionaryTranslation>();
List<DictionaryTranslation> _this = new List<DictionaryTranslation>();
List<DictionaryTranslation> _sublime1 = new List<DictionaryTranslation>();
//the constructor for a DictionaryItem requires the Umbraco language object and value of the translated text
//so get the language object, eg from Iso Code
var language = ls.GetLanguageByIsoCode("he-IL");
var lang1 = ls.GetLanguageByIsoCode("ru");
var lang2 = ls.GetLanguageByIsoCode("en-US");
// here we create a french translation for our item and add it to the list
DictionaryTranslation hebhello = new DictionaryTranslation(language, "שלום");
DictionaryTranslation rushello = new DictionaryTranslation(lang1, "Здравствуйте");
DictionaryTranslation enghello = new DictionaryTranslation(lang2, "Blah");
_hello.Add(hebhello);
_hello.Add(rushello);
_hello.Add(enghello);
DictionaryTranslation hebsubmit = new DictionaryTranslation(language, "שלח");
DictionaryTranslation russubmit = new DictionaryTranslation(lang1, "Отправить");
DictionaryTranslation engsubmit = new DictionaryTranslation(lang2, "Submit");
_submit.Add(hebsubmit);
_submit.Add(russubmit);
_submit.Add(engsubmit);
DictionaryTranslation hebform = new DictionaryTranslation(language, "טופס");
DictionaryTranslation rusform = new DictionaryTranslation(lang1, "форма");
DictionaryTranslation engform = new DictionaryTranslation(lang2, "Form");
_form.Add(hebform);
_form.Add(rusform);
_form.Add(engform);
DictionaryTranslation hebbtstrp = new DictionaryTranslation(language, "אֹזֶן הַנַעַל");
DictionaryTranslation rusbtstrp = new DictionaryTranslation(lang1, "начальная загрузка");
DictionaryTranslation engbtstrp = new DictionaryTranslation(lang2, "Bootstrap");
_bootstrap.Add(hebbtstrp);
_bootstrap.Add(rusbtstrp);
_bootstrap.Add(engbtstrp);
DictionaryTranslation hebworld = new DictionaryTranslation(language, "עוֹלָם");
DictionaryTranslation rusworld = new DictionaryTranslation(lang1, "Мир");
DictionaryTranslation engworld = new DictionaryTranslation(lang2, "World");
_world.Add(hebworld);
_world.Add(rusworld);
_world.Add(engworld);
DictionaryTranslation hebheaven = new DictionaryTranslation(language, "גן העדן");
DictionaryTranslation rusheaven = new DictionaryTranslation(lang1, "небо");
DictionaryTranslation engheaven = new DictionaryTranslation(lang2, "Heaven");
_heaven.Add(hebheaven);
_heaven.Add(rusheaven);
_heaven.Add(engheaven);
DictionaryTranslation hebhell = new DictionaryTranslation(language, "גגֵיהִנוֹם");
DictionaryTranslation rushell = new DictionaryTranslation(lang1, "ад");
DictionaryTranslation enghell = new DictionaryTranslation(lang2, "Hell");
_hell.Add(hebhell);
_hell.Add(rushell);
_hell.Add(enghell);
DictionaryTranslation hebthis = new DictionaryTranslation(language, "זֶה");
DictionaryTranslation rusthis = new DictionaryTranslation(lang1, "это");
DictionaryTranslation engthis = new DictionaryTranslation(lang2, "This");
_this.Add(hebthis);
_this.Add(rusthis);
_this.Add(engthis);
DictionaryTranslation hebsub = new DictionaryTranslation(language, "נִשׂגָב");
DictionaryTranslation russub = new DictionaryTranslation(lang1, "возвышенный");
DictionaryTranslation engsub = new DictionaryTranslation(lang2, "Sublime");
_sublime1.Add(hebsub);
_sublime1.Add(russub);
_sublime1.Add(engsub);
//get or create a DictionaryItem, (passing in the Dictionary Key)
IDictionaryItem hello = ls.DictionaryItemExists("hello_button") ? ls.GetDictionaryItemByKey("hello_button") : new DictionaryItem("hello_button");
IDictionaryItem submit = ls.DictionaryItemExists("submit_button") ? ls.GetDictionaryItemByKey("submit_button") : new DictionaryItem("submit_button");
IDictionaryItem form = ls.DictionaryItemExists("form_button") ? ls.GetDictionaryItemByKey("form_button") : new DictionaryItem("form_button");
IDictionaryItem btstrp = ls.DictionaryItemExists("bootstrap_button") ? ls.GetDictionaryItemByKey("bootstrap_button") : new DictionaryItem("bootstrap_button");
IDictionaryItem world = ls.DictionaryItemExists("world_button") ? ls.GetDictionaryItemByKey("world_button") : new DictionaryItem("world_button");
IDictionaryItem heaven = ls.DictionaryItemExists("heaven_button") ? ls.GetDictionaryItemByKey("heaven_button") : new DictionaryItem("heaven_button");
IDictionaryItem hell = ls.DictionaryItemExists("hell_button") ? ls.GetDictionaryItemByKey("hell_button") : new DictionaryItem("hell_button");
IDictionaryItem This = ls.DictionaryItemExists("this_button") ? ls.GetDictionaryItemByKey("this_button") : new DictionaryItem("this_button");
IDictionaryItem sublime = ls.DictionaryItemExists("sublime_button") ? ls.GetDictionaryItemByKey("sublime_button") : new DictionaryItem("sublime_button");
// set the translations created above
hello.Translations = _hello;
submit.Translations = _submit;
form.Translations = _form;
btstrp.Translations = _bootstrap;
world.Translations = _world;
heaven.Translations = _heaven;
hell.Translations = _hell;
This.Translations = _this;
sublime.Translations = _sublime1;
//now save the dictionary item and translations to Umbraco
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsLanguageText");
int rem = db.Execute(remove);
ls.Save(hello);
ls.Save(submit);
ls.Save(form);
ls.Save(btstrp);
ls.Save(world);
ls.Save(heaven);
ls.Save(hell);
ls.Save(This);
ls.Save(sublime);
}
一切都必须手动输入,但是它可以完成工作,只要您知道语法就很容易。
所以我的代码似乎 运行 没问题,没有抛出异常或错误,但是当我在 "import complete" 警报跳转后检查我的数据库 table 时,那里什么也没有.
请注意:
我指的是 SaveLT 函数中的查询
这是我的 C# 控制器:
using UmbracoImportExportPlugin.Models;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.Mvc;
using Umbraco.Core.Persistence;
using Umbraco.Web;
using Umbraco.Web.WebApi;
namespace UmbracoImportExportPlugin.App_Code
{
public class ImportNewDictionaryController : UmbracoAuthorizedApiController
{
public string basePath;
//Locate specific path
public void LocatePath()
{
this.basePath = System.Web.Hosting.HostingEnvironment.MapPath(@"/upload");
}
[System.Web.Http.AcceptVerbs("GET", "POST")]
//[System.Web.Http.HttpPost]
public void SaveFile()
{
var myContext = Request.TryGetHttpContext();
List<string> keys = new List<string>();
if (myContext.Success)
{
HttpPostedFileBase myFile = myContext.Result.Request.Files["file"];
if (myFile == null)
{
throw new HttpException("invalid file");
}
else
{
StreamReader csvreader = new StreamReader(myFile.InputStream);
while (!csvreader.EndOfStream)
{
var line = csvreader.ReadLine();
if (line != "Key")
keys.Add(line);
}
}
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsDictionary");
int rem = db.Execute(remove);
foreach (string item in keys)
{
var insert = new Sql("INSERT INTO cmsDictionary VALUES (NEWID(), null,'" + item + "')");
int res = db.Execute(insert);
}
}
}
[System.Web.Http.AcceptVerbs("GET", "POST")]
public void SaveLT()
{
List<string> id = new List<string>();
var myContext = Request.TryGetHttpContext();
List<string> data = new List<string>();
if (myContext.Success)
{
HttpPostedFileBase myFile = myContext.Result.Request.Files["file"];
if (myFile == null)
{
throw new HttpException("invalid file");
}
else
{
StreamReader csvreader = new StreamReader(myFile.InputStream);
while (!csvreader.EndOfStream)
{
var line = csvreader.ReadLine();
if (line != "Value")
data.Add(line);
}
}
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsLanguageText");
int rem = db.Execute(remove);
for (var i = 1; i < 142; i++ )
{
foreach (string lang in data)
{
foreach (string ident in id)
{
Int32.Parse(ident);
var insertNew = new Sql("INSERT INTO cmsLanguageText (languageId, UniqueId, value) VALUES (" + ident + " , NEWID() , '" + lang + "')");
int res = db.Execute(insertNew);
}
}
}
}
}
public List<int> getList()
{
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var select = new Sql("SELECT [id] FROM umbracoLanguage;");
List<int> id = new List<int>();
id = db.Fetch<int>(select);
return id;
}
public String GetUserName()
{
var current = UmbracoContext.Current;
var user = current.UmbracoUser;
return user.Name.ToString();
}
}
}
这是我的 angular.js 控制器:
angular.module("umbraco")
.controller("ILTController", function ($scope, $http) {
$scope.fileUpload = {};
$scope.uploadLanguage = function () {
var uploadUrl = " /umbraco/backoffice/api/ImportNewDictionary/SaveLT";
var fd = new FormData();
fd.append('file', $scope.fileUpload);
$http.post(uploadUrl, fd, {
transformRequest: angular.identity,
headers: { 'Content-Type': undefined }
})
.success(function (data) {
// ok
alert("Import Complete!");
})
.error(function () {
// handle upload error
alert("Import Unsuccessful!");
})
};
});
angular.module("umbraco").directive("qwSingleLanguageUpload", function () {
return {
restrict: "A",
replace: false,
scope: {
myValue: '=qwSingleLanguageUpload'
},
link: function (scope, element, attr) {
element.bind('change', function () {
scope.myValue = element[0].files[0];
if (scope.$$phase) {
scope.$apply();
}
});
}
}
});
我更关心为什么它不将导入的内容(CSV 文件)导入数据库 table 而不是安全性,因为这是一个 Umbraco 后台插件,导入文件选项卡只能访问由具有特定权限的特定用户。在进行 SQL 注入之前,他们必须访问后台,这是毫无意义的,因为该查询正在更改的任何内容都可以由该用户在仪表板上更改。
知道为什么我的数据库 table 可能无法上传吗?我已经设置了断点,并且 foreach 循环是 运行 所以我不确定现在该做什么。
您设置 List<string> id = new List<string>(),然后执行 foreach (string ident in id)。由于 id 是一个空列表,您没有任何可迭代的内容,因此永远不会到达您的 INSERT 语句。
尝试用一些值填充 id 以进行迭代。
除非我在快速通读时误读了您的代码。
与其尝试 SQL 并将其手动插入数据库,Umbraco 实际上有一个本地化服务和模型:
[System.Web.Http.AcceptVerbs("GET", "POST")]
public void SaveLT()
{
var ls = ApplicationContext.Current.Services.LocalizationService;
//create a holder for the item's DictionaryTranslations
List<DictionaryTranslation> _hello = new List<DictionaryTranslation>();
List<DictionaryTranslation> _submit = new List<DictionaryTranslation>();
List<DictionaryTranslation> _form = new List<DictionaryTranslation>();
List<DictionaryTranslation> _bootstrap = new List<DictionaryTranslation>();
List<DictionaryTranslation> _world = new List<DictionaryTranslation>();
List<DictionaryTranslation> _heaven = new List<DictionaryTranslation>();
List<DictionaryTranslation> _hell = new List<DictionaryTranslation>();
List<DictionaryTranslation> _this = new List<DictionaryTranslation>();
List<DictionaryTranslation> _sublime1 = new List<DictionaryTranslation>();
//the constructor for a DictionaryItem requires the Umbraco language object and value of the translated text
//so get the language object, eg from Iso Code
var language = ls.GetLanguageByIsoCode("he-IL");
var lang1 = ls.GetLanguageByIsoCode("ru");
var lang2 = ls.GetLanguageByIsoCode("en-US");
// here we create a french translation for our item and add it to the list
DictionaryTranslation hebhello = new DictionaryTranslation(language, "שלום");
DictionaryTranslation rushello = new DictionaryTranslation(lang1, "Здравствуйте");
DictionaryTranslation enghello = new DictionaryTranslation(lang2, "Blah");
_hello.Add(hebhello);
_hello.Add(rushello);
_hello.Add(enghello);
DictionaryTranslation hebsubmit = new DictionaryTranslation(language, "שלח");
DictionaryTranslation russubmit = new DictionaryTranslation(lang1, "Отправить");
DictionaryTranslation engsubmit = new DictionaryTranslation(lang2, "Submit");
_submit.Add(hebsubmit);
_submit.Add(russubmit);
_submit.Add(engsubmit);
DictionaryTranslation hebform = new DictionaryTranslation(language, "טופס");
DictionaryTranslation rusform = new DictionaryTranslation(lang1, "форма");
DictionaryTranslation engform = new DictionaryTranslation(lang2, "Form");
_form.Add(hebform);
_form.Add(rusform);
_form.Add(engform);
DictionaryTranslation hebbtstrp = new DictionaryTranslation(language, "אֹזֶן הַנַעַל");
DictionaryTranslation rusbtstrp = new DictionaryTranslation(lang1, "начальная загрузка");
DictionaryTranslation engbtstrp = new DictionaryTranslation(lang2, "Bootstrap");
_bootstrap.Add(hebbtstrp);
_bootstrap.Add(rusbtstrp);
_bootstrap.Add(engbtstrp);
DictionaryTranslation hebworld = new DictionaryTranslation(language, "עוֹלָם");
DictionaryTranslation rusworld = new DictionaryTranslation(lang1, "Мир");
DictionaryTranslation engworld = new DictionaryTranslation(lang2, "World");
_world.Add(hebworld);
_world.Add(rusworld);
_world.Add(engworld);
DictionaryTranslation hebheaven = new DictionaryTranslation(language, "גן העדן");
DictionaryTranslation rusheaven = new DictionaryTranslation(lang1, "небо");
DictionaryTranslation engheaven = new DictionaryTranslation(lang2, "Heaven");
_heaven.Add(hebheaven);
_heaven.Add(rusheaven);
_heaven.Add(engheaven);
DictionaryTranslation hebhell = new DictionaryTranslation(language, "גגֵיהִנוֹם");
DictionaryTranslation rushell = new DictionaryTranslation(lang1, "ад");
DictionaryTranslation enghell = new DictionaryTranslation(lang2, "Hell");
_hell.Add(hebhell);
_hell.Add(rushell);
_hell.Add(enghell);
DictionaryTranslation hebthis = new DictionaryTranslation(language, "זֶה");
DictionaryTranslation rusthis = new DictionaryTranslation(lang1, "это");
DictionaryTranslation engthis = new DictionaryTranslation(lang2, "This");
_this.Add(hebthis);
_this.Add(rusthis);
_this.Add(engthis);
DictionaryTranslation hebsub = new DictionaryTranslation(language, "נִשׂגָב");
DictionaryTranslation russub = new DictionaryTranslation(lang1, "возвышенный");
DictionaryTranslation engsub = new DictionaryTranslation(lang2, "Sublime");
_sublime1.Add(hebsub);
_sublime1.Add(russub);
_sublime1.Add(engsub);
//get or create a DictionaryItem, (passing in the Dictionary Key)
IDictionaryItem hello = ls.DictionaryItemExists("hello_button") ? ls.GetDictionaryItemByKey("hello_button") : new DictionaryItem("hello_button");
IDictionaryItem submit = ls.DictionaryItemExists("submit_button") ? ls.GetDictionaryItemByKey("submit_button") : new DictionaryItem("submit_button");
IDictionaryItem form = ls.DictionaryItemExists("form_button") ? ls.GetDictionaryItemByKey("form_button") : new DictionaryItem("form_button");
IDictionaryItem btstrp = ls.DictionaryItemExists("bootstrap_button") ? ls.GetDictionaryItemByKey("bootstrap_button") : new DictionaryItem("bootstrap_button");
IDictionaryItem world = ls.DictionaryItemExists("world_button") ? ls.GetDictionaryItemByKey("world_button") : new DictionaryItem("world_button");
IDictionaryItem heaven = ls.DictionaryItemExists("heaven_button") ? ls.GetDictionaryItemByKey("heaven_button") : new DictionaryItem("heaven_button");
IDictionaryItem hell = ls.DictionaryItemExists("hell_button") ? ls.GetDictionaryItemByKey("hell_button") : new DictionaryItem("hell_button");
IDictionaryItem This = ls.DictionaryItemExists("this_button") ? ls.GetDictionaryItemByKey("this_button") : new DictionaryItem("this_button");
IDictionaryItem sublime = ls.DictionaryItemExists("sublime_button") ? ls.GetDictionaryItemByKey("sublime_button") : new DictionaryItem("sublime_button");
// set the translations created above
hello.Translations = _hello;
submit.Translations = _submit;
form.Translations = _form;
btstrp.Translations = _bootstrap;
world.Translations = _world;
heaven.Translations = _heaven;
hell.Translations = _hell;
This.Translations = _this;
sublime.Translations = _sublime1;
//now save the dictionary item and translations to Umbraco
UmbracoDatabase db = ApplicationContext.DatabaseContext.Database;
var remove = new Sql("DELETE FROM cmsLanguageText");
int rem = db.Execute(remove);
ls.Save(hello);
ls.Save(submit);
ls.Save(form);
ls.Save(btstrp);
ls.Save(world);
ls.Save(heaven);
ls.Save(hell);
ls.Save(This);
ls.Save(sublime);
}
一切都必须手动输入,但是它可以完成工作,只要您知道语法就很容易。