~tjx/NewPdaSqlServer.git

			@@ -33,7 +33,7 @@
			_httpClient.Timeout = TimeSpan.FromSeconds(30);
			}

			public async Task<dynamic> SubmitIQCToOA(dynamic queryObj)
			public dynamic SubmitIQCToOA(dynamic queryObj)
			{
			// 修改参数验证字段名
			if (string.IsNullOrEmpty(queryObj.userId.ToString())) throw new Exception("用户id不允许为空");
			@@ -47,12 +47,12 @@
			//var query = JObject.FromObject(queryObj);

			// 1. 注册获取凭证
			var registResult = await GetRegistAsync();
			var registResult = GetRegistAsync();
			var secret = registResult["secrit"].ToString();
			var spk = registResult["spk"].ToString();

			// 2. 获取访问令牌
			var tokenResult = await ApplyTokenAsync(secret, spk);
			var tokenResult = ApplyTokenAsync(secret, spk);
			var token = tokenResult["token"].ToString();

			// 3. 准备请求头（移除Content-Type设置）
			@@ -65,7 +65,7 @@
			var requestData = BuildRequestData(queryObj);

			// 5. 发送请求
			var response = await PostFormAsync(WorkflowUrl, requestData);
			var response = PostForm(WorkflowUrl, requestData);

			// 新增日志记录（在返回响应前）
			using (var conn = new SqlConnection(DbHelperSQL.strConn))
			@@ -187,6 +187,7 @@
			// 使用参数化查询防止SQL注入
			const string mainSql = @"
			SELECT TOP 1
			A.fBillNo AS ycczdh,
			C.item_no AS wlbm,
			C.item_name AS jzmcwlmc,
			D.supp_name AS khgys,
			@@ -212,6 +213,7 @@
			// 字段映射配置（字段名 -> 数据库列名）
			var fieldMappings = new Dictionary<string, (string Field, string Default)>
			{
			["ycczdh"] = ("ycczdh", "N/A"),
			["wlbm"] = ("wlbm", "N/A"),
			["khgys"] = ("khgys", "N/A"),
			["jzmcwlmc"] = ("jzmcwlmc", "N/A"),
			@@ -430,7 +432,7 @@
			};
			}

			private async Task<JObject> GetRegistAsync()
			private JObject GetRegistAsync()
			{
			using var rsa = new RSACryptoServiceProvider(2048);
			var cpk = Convert.ToBase64String(rsa.ExportRSAPublicKey());
			@@ -439,18 +441,18 @@
			_httpClient.DefaultRequestHeaders.Add("appid", AppId);
			_httpClient.DefaultRequestHeaders.Add("cpk", cpk);

			var response = await _httpClient.PostAsync(BaseUrl + "regist", null);
			return JObject.Parse(await response.Content.ReadAsStringAsync());
			var response = _httpClient.PostAsync(BaseUrl + "regist", null).Result;
			return JObject.Parse(response.Content.ReadAsStringAsync().Result);
			}

			private async Task<JObject> ApplyTokenAsync(string secret, string spk)
			private JObject ApplyTokenAsync(string secret, string spk)
			{
			_httpClient.DefaultRequestHeaders.Clear();
			_httpClient.DefaultRequestHeaders.Add("appid", AppId);
			_httpClient.DefaultRequestHeaders.Add("secret", RSAEncrypt(secret, spk));

			var response = await _httpClient.PostAsync(BaseUrl + "applytoken", null);
			return JObject.Parse(await response.Content.ReadAsStringAsync());
			var response = _httpClient.PostAsync(BaseUrl + "applytoken", null).Result;
			return JObject.Parse(response.Content.ReadAsStringAsync().Result);
			}

			private string RSAEncrypt(string data, string publicKey)
			@@ -475,7 +477,7 @@
			return encryptedContent;
			}

			private async Task<dynamic> PostFormAsync(string url, Dictionary<string, object> data)
			private dynamic PostForm(string url, Dictionary<string, object> data)
			{
			// 改用FormUrlEncodedContent并正确设置Content-Type
			var formData = new List<KeyValuePair<string, string>>();
			@@ -487,8 +489,8 @@
			var content = new FormUrlEncodedContent(formData);
			content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded");

			var response = await _httpClient.PostAsync(url, content);
			var responseString = await response.Content.ReadAsStringAsync();
			var response = _httpClient.PostAsync(url, content).Result;
			var responseString = response.Content.ReadAsStringAsync().Result;

			// 添加响应元数据
			var responseInfo = new JObject