using System; using System.Data; using System.Data.SqlClient; using System.Diagnostics.CodeAnalysis; using SDA.DataProvider.Core; namespace SDA.DataProvider.MSSQLWrappers { class MSSQLCommandWrapper : SDACommandWrapper { internal SqlCommand Command; internal MSSQLConnectionWrapper ConnectionWrapper; internal MSSQLCommandParameterCollectionWrapper InnerParameters; internal MSSQLTransactionWrapper InnerTransaction; internal MSSQLCommandWrapper() { try { // ReSharper disable once UseObjectOrCollectionInitializer Command = new SqlCommand(); Command.CommandTimeout = 300; InnerParameters = new MSSQLCommandParameterCollectionWrapper(Command); } catch { if (Command != null) { Command.Dispose(); } throw; } } internal MSSQLCommandWrapper(SqlCommand command) { Command = command; Command.CommandTimeout = 300; InnerParameters = new MSSQLCommandParameterCollectionWrapper(Command); } protected override IDbCommand WrappedCommand { get { return Command; } } string SafeGetParametersText() { string result = ""; for (int i = 0; i < Command.Parameters.Count; i++) { result += Command.Parameters[i].ParameterName + "="; if (Command.Parameters[i].Value == null) { result += @"csharpnull, "; } else if (Command.Parameters[i].Value == DBNull.Value) { result += @"DBNULL, "; } else { result += "[" + Command.Parameters[i].Value + "], "; } } return result; } string SafeGetCommandText() { if (Command != null) { return Command.CommandText + "\n" + SafeGetParametersText(); } return ""; } public override SDAConnectionWrapper Connection { get { return ConnectionWrapper; } set { MSSQLConnectionWrapper connection = value as MSSQLConnectionWrapper; ConnectionWrapper = connection; Command.Connection = connection?.Connection; } } [SuppressMessage("Microsoft.Security", "CA2100:Review SQL queries for security vulnerabilities")] public override string CommandText { get { string temp = Command.CommandText.Replace("@p", ":p"); return temp; } set { if (value == null) { Command.CommandText = ""; return; } string temp = value.Replace(":p", "@p"); Command.CommandText = temp; } } public override int ExecuteNonQuery() { try { return Command.ExecuteNonQuery(); } catch (SqlException exception) { throw MSSQLExceptionHelper.TranslateSqlException(exception, SafeGetCommandText()); } } public override SDADataReaderWrapper ExecuteReader() { try { return new MSSQLDataReaderWrapper(Command.ExecuteReader()); } catch (SqlException exception) { throw MSSQLExceptionHelper.TranslateSqlException(exception, SafeGetCommandText()); } } public override SDADataReaderWrapper ExecuteReader(CommandBehavior commandBehavior) { try { return new MSSQLDataReaderWrapper(Command.ExecuteReader(commandBehavior)); } catch (SqlException exception) { throw MSSQLExceptionHelper.TranslateSqlException(exception, SafeGetCommandText()); } } public override object ExecuteScalar() { try { return Command.ExecuteScalar(); } catch (SqlException exception) { throw MSSQLExceptionHelper.TranslateSqlException(exception, SafeGetCommandText()); } } public override SDATransactionWrapper Transaction { get { return InnerTransaction; } set { MSSQLTransactionWrapper transaction = value as MSSQLTransactionWrapper; InnerTransaction = transaction; Command.Transaction = transaction?.Transaction; } } bool _disposed; protected override void Dispose(bool disposing) { if (_disposed) { return; } base.Dispose(disposing); if (disposing) { if (Command != null) { Command.Dispose(); Command = null; } } _disposed = true; } public override SDACommandParameterCollectionWrapper Parameters { get { return InnerParameters; } } } }