@Veera的答案非常适合使用唯一 ID进行审计,SQL Server
但正如您提到C#
的应用程序,您可以创建一个Static class
包含用户名和应用程序所需的任何其他变量的应用程序。
在您的情况下,它将类似于:
public static class UserInfo
{
public static string UserID;
}
现在在用户使用登录表单登录期间获取用户 ID,
UserInfo.UserID=Textbox1.Text;
然后您可以从代码中的任何位置访问 UserID:
string UserID="";
UserID= UserInfo.UserID
我已经展示了使用和不使用 SP 的两种情况,以从应用程序传递用户 IDC#
并将其存储在数据库中
无 SP
Using (SqlConnection sqlconn=new
SqlConnection(ConfigurationManager.ConnectionStrings["Connection"].ConnectionString))
{
DataSet ds=new DataSet()
byte[] Context_Info;
sqlconn.open();
string sql1 = "Select cast('UserID='+CONVERT(varchar(10),@UserID)
+REPLICATE(' ',128) as varbinary(128)) Context_Info";
string sql2 = "do Insert / Update / Delete that will fire the trigger";
using (SqlCommand command = new SqlCommand(sql1,sqlconn))
{
//Command 1
using (SqlDataAdapter da = new SqlDataAdapter(command))
{
da.Fill(ds);
Context_Info=(byte[])ds.Tables[0].Rows[0]["Context_Info"];
}
}
using (Sqlcommand cmd=new Sqlcommand(sql1,sqlConn))
{
//Pass both context info and User id
cmd.Parameters.AddWithValue("@ContextInfo ",ContextInfo);
cmd.Parameters.AddWithValue("@UserID",UserID);
cmd.ExceuteNonQuery();
}
}
带SP
Using (SqlConnection Sqlconn=new
SqlConnection(ConfigurationManager.ConnectionStrings["Connection"].ConnectionString))
{
Sqlconn.open();
Using (Sqlcommand cmd=new Sqlcommand())
{
cmd.CommandType=CommandType.StoredProcedure;
cmd.CommandText="Data_Ins_Upd_Del";
cmd.Parameters.AddWithValue("@UserID",UserID);
cmd.ExceuteNonQuery();
cmd.Parameters.Clear();
}
}
并在SQL Server
Create an SP like
Create Procedure Data_Ins_Upd_Del
(
@UserID Varchar(50)
)
AS
Begin
Begin Try
Declare @CONTEXT_INFO Varbinary(max)
SET @CONTEXT_INFO =cast('UserID='+CONVERT(varchar(10),@UserID)
+REPLICATE(' ',128) as varbinary(128))
SET CONTEXT_INFO @CONTEXT_INFO
/* Do Insert / Update / Delete that will fire the trigger */
SET CONTEXT_INFO 0x0
End Try
Begin Catch
Declare @Errmsg Varchar(max),@ErrSeverity int
Set @Errmsg=ERROR_MESSAGE()
Set @ErrSeverity=ERROR_SEVERITY()
Raiserror(@Errmsg,@ErrSeverity,1)
End Catch
End
并在触发器中添加以下行
ALTER TRIGGER [dbo].[TR_lOCATION_AUDIT]
ON [dbo].[lOCATION] FOR UPDATE,INSERT,DELETE
AS
DECLARE @bit INT ,
@field INT ,
@maxfield INT ,
@char INT ,
@fieldname VARCHAR(128) ,
@TableName VARCHAR(128) ,
@PKCols VARCHAR(1000) ,
@sql VARCHAR(2000),
@UpdateDate VARCHAR(21) ,
@UserName VARCHAR(128) ,
@Type CHAR(1) ,
@PKSelect VARCHAR(1000),
@UserID varchar(50), //New Line
@sCONTEXT_INFO varchar(128)//New Line
//Start of new Line in Trigger
SELECT @sCONTEXT_INFO=CAST(CONTEXT_INFO() AS VARCHAR) FROM master.dbo.SYSPROCESSES WHERE SPID=@@SPID
IF Substring(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-15,8) like '%UserID%'
BEGIN
SET @UserID=RIGHT(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-7) //New Line
END
ELSE
BEGIN
RAISERROR('@UserID was not specified',16,1)
ROLLBACK TRAN
RETURN
END
//End of new Line in Trigger
--You will need to change @TableName to match the table to be audited.
-- Here we made GUESTS for your example.
SELECT @TableName = 'lOCATION'
-- date and user
SELECT @UserName = @UserID,
@UpdateDate = CONVERT(VARCHAR(8), GETDATE(), 112)
+ ' ' + CONVERT(VARCHAR(12), GETDATE(), 114)
-- Action
IF EXISTS (SELECT * FROM inserted)
IF EXISTS (SELECT * FROM deleted)
SELECT @Type = 'U'
ELSE
SELECT @Type = 'I'
ELSE
SELECT @Type = 'D'
-- get list of columns
SELECT * INTO #ins FROM inserted
SELECT * INTO #del FROM deleted
-- Get primary key columns for full outer join
SELECT @PKCols = COALESCE(@PKCols + ' and', ' on')
+ ' i.' + c.COLUMN_NAME + ' = d.' + c.COLUMN_NAME
FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS pk ,
INFORMATION_SCHEMA.KEY_COLUMN_USAGE c
WHERE pk.TABLE_NAME = @TableName
AND CONSTRAINT_TYPE = 'PRIMARY KEY'
AND c.TABLE_NAME = pk.TABLE_NAME
AND c.CONSTRAINT_NAME = pk.CONSTRAINT_NAME
-- Get primary key select for insert
SELECT @PKSelect = COALESCE(@PKSelect+'+','')
+ '''<' + COLUMN_NAME
+ '=''+convert(varchar(100),
coalesce(i.' + COLUMN_NAME +',d.' + COLUMN_NAME + '))+''>'''
FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS pk ,
INFORMATION_SCHEMA.KEY_COLUMN_USAGE c
WHERE pk.TABLE_NAME = @TableName
AND CONSTRAINT_TYPE = 'PRIMARY KEY'
AND c.TABLE_NAME = pk.TABLE_NAME
AND c.CONSTRAINT_NAME = pk.CONSTRAINT_NAME
IF @PKCols IS NULL
BEGIN
RAISERROR('no PK on table %s', 16, -1, @TableName)
RETURN
END
SELECT @field = 0,
@maxfield = MAX(ORDINAL_POSITION)
FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = @TableName
WHILE @field < @maxfield
BEGIN
SELECT @field = MIN(ORDINAL_POSITION)
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_NAME = @TableName
AND ORDINAL_POSITION > @field
SELECT @bit = (@field - 1 )% 8 + 1
SELECT @bit = POWER(2,@bit - 1)
SELECT @char = ((@field - 1) / 8) + 1
IF SUBSTRING(COLUMNS_UPDATED(),@char, 1) & @bit > 0
OR @Type IN ('I','D')
BEGIN
SELECT @fieldname = COLUMN_NAME
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_NAME = @TableName
AND ORDINAL_POSITION = @field
SELECT @sql = '
insert Audit ( Type,
TableName,
PK,
FieldName,
OldValue,
NewValue,
UpdateDate,
UserName)
select ''' + @Type + ''','''
+ @TableName + ''',' + @PKSelect
+ ',''' + @fieldname + ''''
+ ',convert(varchar(1000),d.' + @fieldname + ')'
+ ',convert(varchar(1000),i.' + @fieldname + ')'
+ ',''' + @UpdateDate + ''''
+ ',''' + @UserID + ''''
+ ' from #ins i full outer join #del d'
+ @PKCols
+ ' where i.' + @fieldname + ' <> d.' + @fieldname
+ ' or (i.' + @fieldname + ' is null and d.'
+ @fieldname
+ ' is not null)'
+ ' or (i.' + @fieldname + ' is not null and d.'
+ @fieldname
+ ' is null)'
EXEC (@sql)
END
END
注意:我输入的Substring
长度是根据我的测试数据改变它根据你的参数长度
编辑 SP
ALTER Procedure [dbo].[Data_Ins_Upd_Del]
(
@UserID Varchar(50),
@state varchar(100),
@dist varchar(100)
)
AS
Begin
Begin Try
Declare @CONTEXT_INFO Varbinary(max)
SET @CONTEXT_INFO =cast('UserID='+CONVERT(varchar(10),@UserID)
+REPLICATE(' ',128) as varbinary(128))
SET CONTEXT_INFO @CONTEXT_INFO
/* Do Insert / Update / Delete that will fire the trigger */
insert into State_tbl(StateName,District)values(@State,@dist)
SET CONTEXT_INFO 0x0
End Try
Begin Catch
Declare @Errmsg Varchar(max),@ErrSeverity int
Set @Errmsg=ERROR_MESSAGE()
Set @ErrSeverity=ERROR_SEVERITY()
Raiserror(@Errmsg,@ErrSeverity,1)
End Catch
End
下面是我用来测试场景的查询和触发器
Declare @UserID varchar(50)='Usr-120',
@CONTEXT_INFO Varbinary(max)
SET @CONTEXT_INFO =cast('UserID='+CONVERT(varchar(10),@UserID)
+REPLICATE(' ',128) as varbinary(128))
SET CONTEXT_INFO @CONTEXT_INFO
Insert into existing(UserName) Values(@UserID)
SET CONTEXT_INFO 0x0
扳机
Alter Trigger trgExisting
on Existing for Insert,Update,Delete
as
DECLARE @UserID varchar(50)
,@sCONTEXT_INFO varchar(128)
SELECT @sCONTEXT_INFO=CAST(CONTEXT_INFO() AS VARCHAR)
FROM master.dbo.SYSPROCESSES WHERE SPID=@@SPID
IF Substring(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-15,8) like '%UserID%'
BEGIN
SET @UserID=RIGHT(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-7)
END
ELSE
BEGIN
RAISERROR('@UserID was not specified',16,1)
ROLLBACK TRAN
RETURN
END
这是我通过State_Tbl
使用触发器测试您的表而得到的结果

注意:此概念仅适用于Insert
而不Update
适用Delete
使用的触发器
Create TRIGGER [dbo].[TR_lOCATION_AUDIT]
ON [dbo].[State_Tbl] FOR UPDATE,INSERT,DELETE
AS
DECLARE @bit INT ,
@field INT ,
@maxfield INT ,
@char INT ,
@fieldname VARCHAR(128) ,
@TableName VARCHAR(128) ,
@PKCols VARCHAR(1000) ,
@sql VARCHAR(2000),
@UpdateDate VARCHAR(21) ,
@UserName VARCHAR(128) ,
@Type CHAR(1) ,
@PKSelect VARCHAR(1000),
@UserID varchar(50),
@sCONTEXT_INFO varchar(128)
SELECT @sCONTEXT_INFO=CAST(CONTEXT_INFO() AS VARCHAR) FROM master.dbo.SYSPROCESSES WHERE SPID=@@SPID
IF Substring(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-15,8) like '%UserID%'
BEGIN
SET @UserID=RIGHT(RTRIM(@sCONTEXT_INFO),LEN(RTRIM(@sCONTEXT_INFO))-7)
END
ELSE
BEGIN
RAISERROR('@UserID was not specified',16,1)
ROLLBACK TRAN
RETURN
END
--You will need to change @TableName to match the table to be audited.
-- Here we made GUESTS for your example.
SELECT @TableName = 'State_Tbl'
-- date and user
SELECT @UserName = @UserID,
@UpdateDate = CONVERT(VARCHAR(8), GETDATE(), 112)
+ ' ' + CONVERT(VARCHAR(12), GETDATE(), 114)
-- Action
IF EXISTS (SELECT * FROM inserted)
IF EXISTS (SELECT * FROM deleted)
SELECT @Type = 'U'
ELSE
SELECT @Type = 'I'
ELSE
SELECT @Type = 'D'
-- get list of columns
SELECT * INTO #ins FROM inserted
SELECT * INTO #del FROM deleted
-- Get primary key columns for full outer join
SELECT @PKCols = COALESCE(@PKCols + ' and', ' on')
+ ' i.' + c.COLUMN_NAME + ' = d.' + c.COLUMN_NAME
FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS pk ,
INFORMATION_SCHEMA.KEY_COLUMN_USAGE c
WHERE pk.TABLE_NAME = @TableName
AND CONSTRAINT_TYPE = 'PRIMARY KEY'
AND c.TABLE_NAME = pk.TABLE_NAME
AND c.CONSTRAINT_NAME = pk.CONSTRAINT_NAME
-- Get primary key select for insert
SELECT @PKSelect = COALESCE(@PKSelect+'+','')
+ '''<' + COLUMN_NAME
+ '=''+convert(varchar(100),
coalesce(i.' + COLUMN_NAME +',d.' + COLUMN_NAME + '))+''>'''
FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS pk ,
INFORMATION_SCHEMA.KEY_COLUMN_USAGE c
WHERE pk.TABLE_NAME = @TableName
AND CONSTRAINT_TYPE = 'PRIMARY KEY'
AND c.TABLE_NAME = pk.TABLE_NAME
AND c.CONSTRAINT_NAME = pk.CONSTRAINT_NAME
IF @PKCols IS NULL
BEGIN
RAISERROR('no PK on table %s', 16, -1, @TableName)
RETURN
END
SELECT @field = 0,
@maxfield = MAX(ORDINAL_POSITION)
FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = @TableName
WHILE @field < @maxfield
BEGIN
SELECT @field = MIN(ORDINAL_POSITION)
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_NAME = @TableName
AND ORDINAL_POSITION > @field
SELECT @bit = (@field - 1 )% 8 + 1
SELECT @bit = POWER(2,@bit - 1)
SELECT @char = ((@field - 1) / 8) + 1
IF SUBSTRING(COLUMNS_UPDATED(),@char, 1) & @bit > 0
OR @Type IN ('I','D')
BEGIN
SELECT @fieldname = COLUMN_NAME
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_NAME = @TableName
AND ORDINAL_POSITION = @field
IF Not EXISTS (SELECT * FROM sys.objects WHERE object_id = OBJECT_ID(N'[dbo].[Audit]') AND type in (N'U'))
Create TABLE [dbo].[Audit]
(
TranType Varchar(150),
TableName Varchar(150),
PK Varchar(150),
FieldName Varchar(150),
OldValue Varchar(150),
NewValue Varchar(150),
UpdateDate Varchar(150),
UserName Varchar(150)
)
SELECT @sql = '
insert Audit ( TranType,
TableName,
PK,
FieldName,
OldValue,
NewValue,
UpdateDate,
UserName)
select ''' + @Type + ''','''
+ @TableName + ''',' + @PKSelect
+ ',''' + @fieldname + ''''
+ ',convert(varchar(1000),d.' + @fieldname + ')'
+ ',convert(varchar(1000),i.' + @fieldname + ')'
+ ',''' + @UpdateDate + ''''
+ ',''' + @UserID + ''''
+ ' from #ins i full outer join #del d'
+ @PKCols
+ ' where i.' + @fieldname + ' <> d.' + @fieldname
+ ' or (i.' + @fieldname + ' is null and d.'
+ @fieldname
+ ' is not null)'
+ ' or (i.' + @fieldname + ' is not null and d.'
+ @fieldname
+ ' is null)'
EXEC (@sql)
END
END