添加 SQL 参数化查询,防止 SQL 注入;SQL 查询结果优化

milimoe 2025-01-10 19:44:36 +08:00
parent 146517ecf7
commit 38945accd4
Signed by: milimoe
GPG Key ID: 05D280912DA6C69E
6 changed files with 69 additions and 35 deletions


@ -217,11 +217,11 @@ namespace Milimoe.FunGame.Server.Controller
} }
if (roomid != "-1" && SQLHelper != null) if (roomid != "-1" && SQLHelper != null)
{ {
SQLHelper.Execute(RoomQuery.Insert_CreateRoom(roomid, user.Id, type, gamemodule, gamemap, isrank, password, maxusers)); SQLHelper.Execute(RoomQuery.Insert_CreateRoom(SQLHelper, roomid, user.Id, type, gamemodule, gamemap, isrank, password, maxusers));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
ServerHelper.WriteLine("[CreateRoom] Master: " + user.Username + " RoomID: " + roomid); ServerHelper.WriteLine("[CreateRoom] Master: " + user.Username + " RoomID: " + roomid);
SQLHelper.ExecuteDataSet(RoomQuery.Select_IsExistRoom(roomid)); SQLHelper.ExecuteDataSet(RoomQuery.Select_IsExistRoom(SQLHelper, roomid));
if (SQLHelper.Result == SQLResult.Success && SQLHelper.DataSet.Tables[0].Rows.Count > 0) if (SQLHelper.Result == SQLResult.Success && SQLHelper.DataSet.Tables[0].Rows.Count > 0)
{ {
room = Factory.GetRoom(SQLHelper.DataSet.Tables[0].Rows[0], user); room = Factory.GetRoom(SQLHelper.DataSet.Tables[0].Rows[0], user);
@ -283,7 +283,7 @@ namespace Milimoe.FunGame.Server.Controller
{ {
if (SQLHelper != null) if (SQLHelper != null)
{ {
SQLHelper.ExecuteDataSet(RoomQuery.Select_IsExistRoom(roomid)); SQLHelper.ExecuteDataSet(RoomQuery.Select_IsExistRoom(SQLHelper, roomid));
if (SQLHelper.Success) if (SQLHelper.Success)
{ {
Config.RoomList.IntoRoom(roomid, Server.User); Config.RoomList.IntoRoom(roomid, Server.User);
@ -535,7 +535,7 @@ namespace Milimoe.FunGame.Server.Controller
if (verifycode.Trim() == "") if (verifycode.Trim() == "")
{ {
// 先检查账号是否重复 // 先检查账号是否重复
SQLHelper.ExecuteDataSet(UserQuery.Select_IsExistUsername(username)); SQLHelper.ExecuteDataSet(UserQuery.Select_IsExistUsername(SQLHelper, username));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
ServerHelper.WriteLine(Server.GetClientName() + " 账号已被注册"); ServerHelper.WriteLine(Server.GetClientName() + " 账号已被注册");
@ -545,7 +545,7 @@ namespace Milimoe.FunGame.Server.Controller
else else
{ {
// 检查邮箱是否重复 // 检查邮箱是否重复
SQLHelper.ExecuteDataSet(UserQuery.Select_IsExistEmail(email)); SQLHelper.ExecuteDataSet(UserQuery.Select_IsExistEmail(SQLHelper, email));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
ServerHelper.WriteLine(Server.GetClientName() + " 邮箱已被注册"); ServerHelper.WriteLine(Server.GetClientName() + " 邮箱已被注册");
@ -555,7 +555,7 @@ namespace Milimoe.FunGame.Server.Controller
else else
{ {
// 检查验证码是否发送过 // 检查验证码是否发送过
SQLHelper.ExecuteDataSet(RegVerifyCodes.Select_HasSentRegVerifyCode(username, email)); SQLHelper.ExecuteDataSet(RegVerifyCodes.Select_HasSentRegVerifyCode(SQLHelper, username, email));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
DateTime RegTime = (DateTime)SQLHelper.DataSet.Tables[0].Rows[0][RegVerifyCodes.Column_RegTime]; DateTime RegTime = (DateTime)SQLHelper.DataSet.Tables[0].Rows[0][RegVerifyCodes.Column_RegTime];
@ -570,9 +570,9 @@ namespace Milimoe.FunGame.Server.Controller
{ {
// 发送验证码,需要先删除之前过期的验证码 // 发送验证码,需要先删除之前过期的验证码
SQLHelper.NewTransaction(); SQLHelper.NewTransaction();
SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(username, email)); SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(SQLHelper, username, email));
_regVerify = Verification.CreateVerifyCode(VerifyCodeType.NumberVerifyCode, 6); _regVerify = Verification.CreateVerifyCode(VerifyCodeType.NumberVerifyCode, 6);
SQLHelper.Execute(RegVerifyCodes.Insert_RegVerifyCode(username, email, _regVerify)); SQLHelper.Execute(RegVerifyCodes.Insert_RegVerifyCode(SQLHelper, username, email, _regVerify));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
SQLHelper.Commit(); SQLHelper.Commit();
@ -607,7 +607,7 @@ namespace Milimoe.FunGame.Server.Controller
else else
{ {
// 先检查验证码 // 先检查验证码
SQLHelper.ExecuteDataSet(RegVerifyCodes.Select_RegVerifyCode(username, email, verifycode)); SQLHelper.ExecuteDataSet(RegVerifyCodes.Select_RegVerifyCode(SQLHelper, username, email, verifycode));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
// 检查验证码是否过期 // 检查验证码是否过期
@ -616,7 +616,7 @@ namespace Milimoe.FunGame.Server.Controller
{ {
ServerHelper.WriteLine(Server.GetClientName() + " 验证码已过期"); ServerHelper.WriteLine(Server.GetClientName() + " 验证码已过期");
msg = "此验证码已过期,请重新注册。"; msg = "此验证码已过期,请重新注册。";
SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(username, email)); SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(SQLHelper, username, email));
} }
else else
{ {
@ -625,12 +625,12 @@ namespace Milimoe.FunGame.Server.Controller
{ {
SQLHelper.NewTransaction(); SQLHelper.NewTransaction();
ServerHelper.WriteLine("[Reg] Username: " + username + " Email: " + email); ServerHelper.WriteLine("[Reg] Username: " + username + " Email: " + email);
SQLHelper.Execute(UserQuery.Insert_Register(username, password, email, Server.Socket?.ClientIP ?? "")); SQLHelper.Execute(UserQuery.Insert_Register(SQLHelper, username, password, email, Server.Socket?.ClientIP ?? ""));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
success = true; success = true;
msg = "注册成功!请牢记您的账号与密码!"; msg = "注册成功!请牢记您的账号与密码!";
SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(username, email)); SQLHelper.Execute(RegVerifyCodes.Delete_RegVerifyCode(SQLHelper, username, email));
SQLHelper.Commit(); SQLHelper.Commit();
} }
else else
@ -691,13 +691,13 @@ namespace Milimoe.FunGame.Server.Controller
ServerHelper.WriteLine("[" + DataRequestSet.GetTypeString(DataRequestType.Login_Login) + "] Username: " + username); ServerHelper.WriteLine("[" + DataRequestSet.GetTypeString(DataRequestType.Login_Login) + "] Username: " + username);
if (SQLHelper != null) if (SQLHelper != null)
{ {
SQLHelper.ExecuteDataSet(UserQuery.Select_Users_LoginQuery(username, password)); SQLHelper.ExecuteDataSet(UserQuery.Select_Users_LoginQuery(SQLHelper, username, password));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
DataSet dsUser = SQLHelper.DataSet; DataSet dsUser = SQLHelper.DataSet;
if (autokey.Trim() != "") if (autokey.Trim() != "")
{ {
SQLHelper.ExecuteDataSet(UserQuery.Select_CheckAutoKey(username, autokey)); SQLHelper.ExecuteDataSet(UserQuery.Select_CheckAutoKey(SQLHelper, username, autokey));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
ServerHelper.WriteLine("[" + DataRequestSet.GetTypeString(DataRequestType.Login_Login) + "] AutoKey: 已确认"); ServerHelper.WriteLine("[" + DataRequestSet.GetTypeString(DataRequestType.Login_Login) + "] AutoKey: 已确认");
@ -783,7 +783,7 @@ namespace Milimoe.FunGame.Server.Controller
// 先检查验证码 // 先检查验证码
if (SQLHelper != null) if (SQLHelper != null)
{ {
SQLHelper.ExecuteDataSet(ForgetVerifyCodes.Select_ForgetVerifyCode(username, email, verifycode)); SQLHelper.ExecuteDataSet(ForgetVerifyCodes.Select_ForgetVerifyCode(SQLHelper, username, email, verifycode));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
// 检查验证码是否过期 // 检查验证码是否过期
@ -792,7 +792,7 @@ namespace Milimoe.FunGame.Server.Controller
{ {
ServerHelper.WriteLine(Server.GetClientName() + " 验证码已过期"); ServerHelper.WriteLine(Server.GetClientName() + " 验证码已过期");
msg = "此验证码已过期,请重新找回密码。"; msg = "此验证码已过期,请重新找回密码。";
SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(username, email)); SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(SQLHelper, username, email));
} }
else else
{ {
@ -800,7 +800,7 @@ namespace Milimoe.FunGame.Server.Controller
if (_forgetVerify.Equals(SQLHelper.DataSet.Tables[0].Rows[0][ForgetVerifyCodes.Column_ForgetVerifyCode])) if (_forgetVerify.Equals(SQLHelper.DataSet.Tables[0].Rows[0][ForgetVerifyCodes.Column_ForgetVerifyCode]))
{ {
ServerHelper.WriteLine("[ForgerPassword] Username: " + username + " Email: " + email); ServerHelper.WriteLine("[ForgerPassword] Username: " + username + " Email: " + email);
SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(username, email)); SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(SQLHelper, username, email));
msg = ""; msg = "";
} }
else msg = "验证码不正确,请重新输入!"; else msg = "验证码不正确,请重新输入!";
@ -814,7 +814,7 @@ namespace Milimoe.FunGame.Server.Controller
// 检查账号和邮箱是否匹配 // 检查账号和邮箱是否匹配
if (SQLHelper != null) if (SQLHelper != null)
{ {
SQLHelper.ExecuteDataSet(UserQuery.Select_CheckEmailWithUsername(username, email)); SQLHelper.ExecuteDataSet(UserQuery.Select_CheckEmailWithUsername(SQLHelper, username, email));
if (SQLHelper.Result != SQLResult.Success) if (SQLHelper.Result != SQLResult.Success)
{ {
msg = "此邮箱未绑定此账号,请重试!"; msg = "此邮箱未绑定此账号,请重试!";
@ -822,13 +822,13 @@ namespace Milimoe.FunGame.Server.Controller
else else
{ {
// 检查验证码是否发送过和是否过期 // 检查验证码是否发送过和是否过期
SQLHelper.ExecuteDataSet(ForgetVerifyCodes.Select_HasSentForgetVerifyCode(username, email)); SQLHelper.ExecuteDataSet(ForgetVerifyCodes.Select_HasSentForgetVerifyCode(SQLHelper, username, email));
if (SQLHelper.Result != SQLResult.Success || (DateTime.Now - ((DateTime)SQLHelper.DataSet.Tables[0].Rows[0][ForgetVerifyCodes.Column_SendTime])).TotalMinutes >= 10) if (SQLHelper.Result != SQLResult.Success || (DateTime.Now - ((DateTime)SQLHelper.DataSet.Tables[0].Rows[0][ForgetVerifyCodes.Column_SendTime])).TotalMinutes >= 10)
{ {
// 发送验证码,需要先删除之前过期的验证码 // 发送验证码,需要先删除之前过期的验证码
SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(username, email)); SQLHelper.Execute(ForgetVerifyCodes.Delete_ForgetVerifyCode(SQLHelper, username, email));
_forgetVerify = Verification.CreateVerifyCode(VerifyCodeType.NumberVerifyCode, 6); _forgetVerify = Verification.CreateVerifyCode(VerifyCodeType.NumberVerifyCode, 6);
SQLHelper.Execute(ForgetVerifyCodes.Insert_ForgetVerifyCode(username, email, _forgetVerify)); SQLHelper.Execute(ForgetVerifyCodes.Insert_ForgetVerifyCode(SQLHelper, username, email, _forgetVerify));
if (SQLHelper.Result == SQLResult.Success) if (SQLHelper.Result == SQLResult.Success)
{ {
if (MailSender != null) if (MailSender != null)
@ -885,7 +885,7 @@ namespace Milimoe.FunGame.Server.Controller
string password = DataRequest.GetDictionaryJsonObject<string>(requestData, UserQuery.Column_Password) ?? ""; string password = DataRequest.GetDictionaryJsonObject<string>(requestData, UserQuery.Column_Password) ?? "";
if (username.Trim() != "" && password.Trim() != "") if (username.Trim() != "" && password.Trim() != "")
{ {
Server.SQLHelper?.Execute(UserQuery.Update_Password(username, password)); SQLHelper?.Execute(UserQuery.Update_Password(SQLHelper, username, password));
if (SQLHelper?.Success ?? false) if (SQLHelper?.Success ?? false)
{ {
// 更新成功返回空值 // 更新成功返回空值
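Review bot: The duplicate-username and duplicate-email checks treat every result other than `SQLResult.Success` as "not registered", so a query that fails would let the registration flow continue (the `Select_IsExistUsername` and `Select_IsExistEmail` branches, and the same shape after `Select_HasSentRegVerifyCode`). Now that `ExecuteDataSet` assigns `SQLResult.NotFound` explicitly for an empty result, the continuing branch could require it, e.g. `else if (SQLHelper.Result == SQLResult.NotFound)`, with a final `else` that sets an error `msg` and stops. What the helper's catch block assigns to `Result` is not visible on this page, so this assumes a failure ends up as neither `Success` nor `NotFound`. The enclosing methods start and end outside these hunks.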


@ -324,7 +324,7 @@ namespace Milimoe.FunGame.Server.Model
{ {
User NewMaster = users[0]; User NewMaster = users[0];
Room.RoomMaster = NewMaster; Room.RoomMaster = NewMaster;
SQLHelper?.Execute(RoomQuery.Update_QuitRoom(roomid, User.Id, NewMaster.Id)); SQLHelper?.Execute(RoomQuery.Update_QuitRoom(SQLHelper, roomid, User.Id, NewMaster.Id));
this.InRoom = General.HallInstance; this.InRoom = General.HallInstance;
await UpdateRoomMaster(Room, true); await UpdateRoomMaster(Room, true);
result = true; result = true;
@ -332,7 +332,7 @@ namespace Milimoe.FunGame.Server.Model
else // 没人了就解散房间 else // 没人了就解散房间
{ {
Config.RoomList.RemoveRoom(roomid); Config.RoomList.RemoveRoom(roomid);
SQLHelper?.Execute(RoomQuery.Delete_QuitRoom(roomid, User.Id)); SQLHelper?.Execute(RoomQuery.Delete_QuitRoom(SQLHelper, roomid, User.Id));
this.InRoom = General.HallInstance; this.InRoom = General.HallInstance;
ServerHelper.WriteLine("[ " + GetClientName() + " ] 解散了房间 " + roomid); ServerHelper.WriteLine("[ " + GetClientName() + " ] 解散了房间 " + roomid);
result = true; result = true;
@ -399,7 +399,7 @@ namespace Milimoe.FunGame.Server.Model
ServerHelper.WriteLine("OnlinePlayers: 玩家 " + User.Username + " 已添加"); ServerHelper.WriteLine("OnlinePlayers: 玩家 " + User.Username + " 已添加");
// 更新最后登录时间、IP地址 // 更新最后登录时间、IP地址
_loginTime = DateTime.Now.Ticks; _loginTime = DateTime.Now.Ticks;
SQLHelper?.Execute(UserQuery.Update_CheckLogin(_username, Socket?.ClientIP.Split(':')[0] ?? "127.0.0.1")); SQLHelper?.Execute(UserQuery.Update_CheckLogin(SQLHelper, _username, Socket?.ClientIP.Split(':')[0] ?? "127.0.0.1"));
return true; return true;
} }
return false; return false;
@ -411,7 +411,7 @@ namespace Milimoe.FunGame.Server.Model
{ {
_logoutTime = DateTime.Now.Ticks; _logoutTime = DateTime.Now.Ticks;
int TotalMinutes = Convert.ToInt32((new DateTime(_logoutTime) - new DateTime(_loginTime)).TotalMinutes); int TotalMinutes = Convert.ToInt32((new DateTime(_logoutTime) - new DateTime(_loginTime)).TotalMinutes);
SQLHelper?.Execute(UserQuery.Update_GameTime(User.Username, TotalMinutes)); SQLHelper?.Execute(UserQuery.Update_GameTime(SQLHelper, User.Username, TotalMinutes));
if (SQLHelper != null && SQLHelper.Result == SQLResult.Success) if (SQLHelper != null && SQLHelper.Result == SQLResult.Success)
{ {
ServerHelper.WriteLine("OnlinePlayers: 玩家 " + User.Username + " 本次已游玩" + TotalMinutes + "分钟"); ServerHelper.WriteLine("OnlinePlayers: 玩家 " + User.Username + " 本次已游玩" + TotalMinutes + "分钟");
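Review bot: The login IP written by `Update_CheckLogin` is derived with `Socket?.ClientIP.Split(':')[0] ?? "127.0.0.1"`, which keeps only the text before the first colon and so would truncate an IPv6 peer address; it also records loopback when `Socket` is null, which reads as a genuine local login in the audit data. The exact format of `ClientIP` is not shown here, but if it is an `address:port` string, `IPEndPoint.TryParse` would separate the two for both address families, and an empty or explicit "unknown" value is a safer fallback than `"127.0.0.1"`. The registration path in the controller stores `Server.Socket?.ClientIP ?? ""` unsplit, so the two columns currently hold different formats. The surrounding method begins outside the hunk.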


@ -186,7 +186,7 @@ namespace Milimoe.FunGame.Server.Others
/// </summary> /// </summary>
public static void ServerLogin(SQLHelper sqlHelper) public static void ServerLogin(SQLHelper sqlHelper)
{ {
sqlHelper.Execute(ServerLoginLogs.Insert_ServerLoginLogs(Config.ServerName, Config.ServerKey)); sqlHelper.Execute(ServerLoginLogs.Insert_ServerLoginLogs(sqlHelper, Config.ServerName, Config.ServerKey));
} }
/// <summary> /// <summary>
@ -194,7 +194,7 @@ namespace Milimoe.FunGame.Server.Others
/// </summary> /// </summary>
public static void ClearRoomList(SQLHelper sqlHelper) public static void ClearRoomList(SQLHelper sqlHelper)
{ {
sqlHelper.Execute(RoomQuery.Delete_Rooms()); sqlHelper.Execute(RoomQuery.Delete_Rooms(sqlHelper));
} }
/// <summary> /// <summary>


@ -16,6 +16,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
public override SQLServerInfo ServerInfo => _serverInfo ?? SQLServerInfo.Create(); public override SQLServerInfo ServerInfo => _serverInfo ?? SQLServerInfo.Create();
public override int UpdateRows => _updateRows; public override int UpdateRows => _updateRows;
public override DataSet DataSet => _dataSet; public override DataSet DataSet => _dataSet;
public override Dictionary<string, object> Parameters { get; } = [];
private readonly string _connectionString = ""; private readonly string _connectionString = "";
private MySqlConnection? _connection; private MySqlConnection? _connection;
@ -90,11 +91,16 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
NewTransaction(); NewTransaction();
} }
OpenConnection(); OpenConnection();
Script = script; Script = script;
ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api); ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api);
using MySqlCommand command = new(script, _connection); using MySqlCommand command = new(script, _connection);
command.CommandType = CommandType; command.CommandType = CommandType;
foreach (KeyValuePair<string, object> param in Parameters)
{
command.Parameters.AddWithValue(param.Key, param.Value);
}
if (_transaction != null) command.Transaction = _transaction; if (_transaction != null) command.Transaction = _transaction;
_updateRows = command.ExecuteNonQuery(); _updateRows = command.ExecuteNonQuery();
@ -110,6 +116,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
finally finally
{ {
if (localTransaction) Close(); if (localTransaction) Close();
Parameters.Clear();
} }
return UpdateRows; return UpdateRows;
} }
@ -138,6 +145,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
NewTransaction(); NewTransaction();
} }
OpenConnection(); OpenConnection();
Script = script; Script = script;
ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api); ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api);
@ -146,6 +154,11 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
CommandType = CommandType CommandType = CommandType
}; };
foreach (KeyValuePair<string, object> param in Parameters)
{
command.Parameters.AddWithValue(param.Key, param.Value);
}
if (_transaction != null) command.Transaction = _transaction;
MySqlDataAdapter adapter = new() MySqlDataAdapter adapter = new()
{ {
@ -155,6 +168,8 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
adapter.Fill(_dataSet); adapter.Fill(_dataSet);
if (localTransaction) Commit(); if (localTransaction) Commit();
_result = _dataSet.Tables.Cast<DataTable>().Any(table => table.Rows.Count > 0) ? SQLResult.Success : SQLResult.NotFound;
} }
catch (Exception e) catch (Exception e)
{ {
@ -165,6 +180,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
finally finally
{ {
if (localTransaction) Close(); if (localTransaction) Close();
Parameters.Clear();
} }
return _dataSet; return _dataSet;
} }
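Review bot: `Parameters` is mutable state on the helper that the query builders presumably fill as a side effect (their bodies are not on this page) and that `Execute`/`ExecuteDataSet` drain in `finally`, so correctness depends on every builder call being followed immediately by exactly one execute on the same helper. A builder whose script is never executed, or two builders evaluated before one execute, would leave or mix bindings for the next command, and a helper shared between threads would race on the dictionary (whether it is shared is not visible here). I would state that contract on the property, e.g. `/// Filled by a query builder for the next Execute/ExecuteDataSet call only; cleared when that call returns.`, and consider having builders return the script together with its parameters so the binding cannot outlive the statement. The same applies to the SQLite helper in the next file section; the method bodies begin outside these hunks.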


@ -16,6 +16,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
public override SQLServerInfo ServerInfo => _serverInfo ?? SQLServerInfo.Create(); public override SQLServerInfo ServerInfo => _serverInfo ?? SQLServerInfo.Create();
public override int UpdateRows => _updateRows; public override int UpdateRows => _updateRows;
public override DataSet DataSet => _dataSet; public override DataSet DataSet => _dataSet;
public override Dictionary<string, object> Parameters { get; } = [];
private readonly string _connectionString = ""; private readonly string _connectionString = "";
private SqliteConnection? _connection; private SqliteConnection? _connection;
@ -88,11 +89,16 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
NewTransaction(); NewTransaction();
} }
OpenConnection(); OpenConnection();
Script = script; Script = script;
ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api); ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api);
using SqliteCommand command = new(script, _connection); using SqliteCommand command = new(script, _connection);
command.CommandType = CommandType; command.CommandType = CommandType;
foreach (KeyValuePair<string, object> param in Parameters)
{
command.Parameters.AddWithValue(param.Key, param.Value);
}
if (_transaction != null) command.Transaction = _transaction; if (_transaction != null) command.Transaction = _transaction;
_updateRows = command.ExecuteNonQuery(); _updateRows = command.ExecuteNonQuery();
@ -108,6 +114,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
finally finally
{ {
if (localTransaction) Close(); if (localTransaction) Close();
Parameters.Clear();
} }
return UpdateRows; return UpdateRows;
} }
@ -126,7 +133,6 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
/// </summary> /// </summary>
/// <param name="script"></param> /// <param name="script"></param>
/// <returns></returns> /// <returns></returns>
/// <exception cref="Exception"></exception>
public override DataSet ExecuteDataSet(string script) public override DataSet ExecuteDataSet(string script)
{ {
bool localTransaction = _transaction == null; bool localTransaction = _transaction == null;
@ -137,6 +143,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
NewTransaction(); NewTransaction();
} }
OpenConnection(); OpenConnection();
Script = script; Script = script;
ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api); ServerHelper.WriteLine("SQLQuery -> " + script, InvokeMessageType.Api);
@ -144,12 +151,24 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
{ {
CommandType = CommandType CommandType = CommandType
}; };
foreach (KeyValuePair<string, object> param in Parameters)
{
command.Parameters.AddWithValue(param.Key, param.Value);
}
if (_transaction != null) command.Transaction = _transaction;
using SqliteDataReader reader = command.ExecuteReader(); using SqliteDataReader reader = command.ExecuteReader();
_dataSet = new(); _dataSet = new();
do
{
DataTable table = new(); DataTable table = new();
table.Load(reader); table.Load(reader);
_dataSet.Tables.Add(table); _dataSet.Tables.Add(table);
} while (reader.NextResult());
if (localTransaction) Commit(); if (localTransaction) Commit();
_result = _dataSet.Tables.Cast<DataTable>().Any(table => table.Rows.Count > 0) ? SQLResult.Success : SQLResult.NotFound;
} }
catch (Exception e) catch (Exception e)
{ {
@ -160,6 +179,7 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
finally finally
{ {
if (localTransaction) Close(); if (localTransaction) Close();
Parameters.Clear();
} }
return _dataSet; return _dataSet;
} }
@ -179,7 +199,6 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
/// <summary> /// <summary>
/// 提交事务 /// 提交事务
/// </summary> /// </summary>
/// <exception cref="Exception"></exception>
public override void Commit() public override void Commit()
{ {
try try
@ -197,7 +216,6 @@ namespace Milimoe.FunGame.Server.Utility.DataUtility
/// <summary> /// <summary>
/// 回滚事务 /// 回滚事务
/// </summary> /// </summary>
/// <exception cref="Exception"></exception>
public override void Rollback() public override void Rollback()
{ {
try try
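Review bot: A null parameter value reaches `command.Parameters.AddWithValue(param.Key, param.Value)` unchanged in both `Execute` and `ExecuteDataSet`; the `Sqlite*` type names suggest Microsoft.Data.Sqlite, which to my knowledge throws on a parameter whose value is null rather than binding SQL NULL. `Dictionary<string, object>` does not prevent a null at run time, so I would bind `command.Parameters.AddWithValue(param.Key, param.Value ?? DBNull.Value);` in both loops. Separately, `_result` becomes `SQLResult.Success` when any table has rows, while callers on this page read `Tables[0].Rows[0]` after checking only `Result`; that holds for single-statement scripts but not once the new `NextResult()` loop loads several result sets. Both method bodies begin outside the hunks.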


@ -39,7 +39,7 @@ namespace Milimoe.FunGame.WebAPI.Controllers
// 创建User对象 // 创建User对象
if (model.SQLHelper != null) if (model.SQLHelper != null)
{ {
model.SQLHelper.ExecuteDataSet(UserQuery.Select_Users_LoginQuery(username, password)); model.SQLHelper.ExecuteDataSet(UserQuery.Select_Users_LoginQuery(model.SQLHelper, username, password));
Core.Entity.User user = Factory.GetUser(model.SQLHelper?.DataSet ?? new()); Core.Entity.User user = Factory.GetUser(model.SQLHelper?.DataSet ?? new());
if (user.Id != 0) if (user.Id != 0)
{ {
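Review bot: `Factory.GetUser` is handed `model.SQLHelper?.DataSet` without a check of the query outcome, whereas the server controller's login path on this page tests `SQLHelper.Result == SQLResult.Success` before reading the data set. In the SQLite helper shown here `_dataSet = new()` is assigned only after `ExecuteReader()` returns, so a query that throws may leave rows from an earlier query in `DataSet` unless the catch block resets it (not visible), and this login would then build a user from them. I would guard the block with `if (model.SQLHelper.Result == SQLResult.Success)` and drop the now-redundant `?.` inside the null check. The action method continues outside the hunk.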