I am inserting bulk data(serial number,pin number) to DB.Before inserting,the data from datatable is binded into XML tag.Here the pin number is encrypted one...as follows,
strXml = "<?xml<pre lang="c#"></pre> version=" + @"""1.0"" encoding=" + @"""iso-8859-1""?><batch>";
strPinXml =strPinXml + "<data cardid="+@"""" +strid+@""""+" pinnumber=" + @"""" + myRC4Engine.CryptedText + @"""" + "></data>";
strXml = strXml + strPinXml + "</batch>";
Problem is after inserting into db, to verify whether the actual pinnumber(encrypted format in db) is inserted, i decrypted the pinnumber and found that,
The first digit in all data are displaced by (')single quote and last digit for some pinnumber is empty (if the pinnumber is-œA_¡/Ì·ÞvËÛ (ie)ending in Û for that pins last digit is empty).
Pins before inserting into db
- Pinnumber(While inserting)
- (Encrypted format) --- (Decrypted format)
- šA [¦,ȵØzËÚ --------- 7613051524692
- œA ¡/Ì•ÞvËÛ --------- 1687765748683
- ™@ X¦!Ï´ÝÎÛ --------- 4770086471383
- žA Z¡+ɹÝwÏÒ --------- 3642720979218
- •OQ¢(˹Þ{ËÛ --------- 8879412945686
- ŸO ^¡,ȶÝ}Î× --------- 2846751673342
Pins retrieved from db after insertion
- Pinnumber (Retrieved from db) ---- Retrieved pinnumber
- (Encrypted format) --------------- (Decrypted format)
- A [¦,ȵØzËÚ ------------------- '613051524692
- A _¡/Ì•ÞvËÛ ------------------- '68776574868
- @ X¦!Ï´ÝÎÛ ------------------ '77008647138
- AZ¡+ɹÝwÏÒ ----------------- '642720979218
- OQ¢(˹Þ{ËÛ ------------------- '879412945686
- O ^¡,ȶÝ}Î× ------------------ '846751673342
try
{
RC4Engine myRC4Engine = new RC4Engine();
myRC4Engine.EncryptionKey = "ab48495fdjk4950dj39405fk";
strXml = "<?xml version=" + @"""1.0"" encoding=" + @"""iso-8859-1""?> <batch>";
foreach (DataRow lobjbaseBatchDetail in dt.Rows)
{
myRC4Engine.InClearText = lobjbaseBatchDetail[3].ToString();
myRC4Engine.Encrypt();
strCardid = lobjbaseBatchDetail[0].ToString();
strBatchid = lobjbaseBatchDetail[1].ToString();
strid = strCardid + strBatchid + lobjbaseBatchDetail[2].ToString();
strPinXml =strPinXml + "<data cardid="+@"""" +strid+@""""+
" pinnumber=" + @"""" + myRC4Engine.CryptedText + @"""" + "></data>";
}
strXml = strXml + strPinXml + "</batch>";
SqlParameter[] arrParam = new SqlParameter[1];
arrParam[0] = new SqlParameter("@BATCHUPLOAD_XML", SqlDbType.Text );
arrParam[0].Direction = ParameterDirection.Input;
arrParam[0].Value = strXml;
iResult = SqlHelper.ExecuteNonQuery(objTrans, CommandType.StoredProcedure, "test_proc", arrParam);
objTrans.Commit();
}
catch(Exception ex)
{
objTrans.Rollback();
throw new Exception("Upload failed :" + ex.Message);
}
create procedure test_proc
(
@BATCHUPLOAD_XML text
)
as
begin
DECLARE @idoc INT
EXEC sp_xml_preparedocument @idoc OUTPUT, @BATCHUPLOAD_XML
insert into test_table_new
SELECT cardid,pinnumber
FROM OPENXML (@idoc, '/batch/data')
WITH (cardid varchar(100) '@cardid', pinnumber nvarchar(200) '@pinnumber')
EXEC sp_xml_removedocument @idoc
end
RC4-encrypted information is binary data, not text. CryptedText shouldn't be typed as string. To wrap binary data in XML, you probably want to use the binary data's BASE64 encoding.
You shouldn't write the xml by hand. Let C#'s LinqToXml do it for you and it won't make mistakes.
You could write it like:
try
{
RC4Engine myRC4Engine = new RC4Engine();
myRC4Engine.EncryptionKey = "ab48495fdjk4950dj39405fk";
XDocument doc = new XDocument(
new XDeclaration("1.0", "iso-8859-1", null),
new XElement("batch"));
foreach (DataRow lobjbaseBatchDetail in dt.Rows)
{
myRC4Engine.InClearText = lobjbaseBatchDetail[3].ToString();
myRC4Engine.Encrypt();
strCardid = lobjbaseBatchDetail[0].ToString();
strBatchid = lobjbaseBatchDetail[1].ToString();
strid = strCardid + strBatchid + lobjbaseBatchDetail[2].ToString();
XElement data = new XElement("data");
data.Add(new XAttribute("cardid", strid));
data.Add(new XAttribute("pinnumber", myRC4Engine.CryptedText));
doc.Root.Add(data);
}
SqlParameter[] arrParam = new SqlParameter[1];
arrParam[0] = new SqlParameter("@BATCHUPLOAD_XML", SqlDbType.Text );
arrParam[0].Direction = ParameterDirection.Input;
arrParam[0].Value = doc.Declaration.ToString() +
doc.ToString(SaveOptions.DisableFormatting);
iResult = SqlHelper.ExecuteNonQuery(objTrans, CommandType.StoredProcedure, "test_proc", arrParam);
objTrans.Commit();
}
catch(Exception ex)
{
objTrans.Rollback();
throw new Exception("Upload failed :" + ex.Message);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.