protected void CommentView_PreRender(object sender, System.EventArgs e)
{
SharedBasePage requestPage = Page as SharedBasePage;
string entryId = (string)ViewState["entryId"];
bool obfuscateEmail = requestPage.SiteConfig.ObfuscateEmail;
Entry entry = requestPage.DataService.GetEntry(entryId);
if (entry != null)
{
//Modified 10-3-03 HPierson
//Render the day template with just the single entry, rather than the item template
//Modified 12-8-03 HPierson
//Using entry.CreatedLocalTime causes a bug when dasBlog is not configured to be in
//the same time zone as the server. Instead, we use the configured WindowsTimeZone
//to calculate the dasBlog configured local time for the entry
requestPage.WeblogEntries.Add(entry);
if (requestPage.SiteConfig.AdjustDisplayTimeZone)
{
newtelligence.DasBlog.Util.WindowsTimeZone wtz = requestPage.SiteConfig.GetConfiguredTimeZone();
requestPage.ProcessDayTemplate(wtz.ToLocalTime(entry.CreatedUtc), commentViewContent);
}
else
{
requestPage.ProcessDayTemplate(entry.CreatedUtc, commentViewContent);
}
HtmlAnchor commentStart = new HtmlAnchor();
commentStart.Name = "commentstart";
commentViewContent.Controls.Add(commentStart);
// Show all public comments, or all contents if you can approve them
// This way all non-public comments remain hidden, when you no longer require approval.
bool allComments = SiteSecurity.IsValidContributor();
foreach (Comment c in requestPage.DataService.GetCommentsFor(entryId, allComments))
{
SingleCommentView view = (SingleCommentView)LoadControl("SingleCommentView.ascx");
view.Comment = c;
view.ObfuscateEmail = obfuscateEmail;
commentViewContent.Controls.Add(view);
}
commentsClosed.Visible = false;
commentViewTable.Visible = true;
// only show the openid option when allowed in the config
openIdTable.Visible = requestPage.SiteConfig.AllowOpenIdComments;
commentsGravatarEnabled.Visible = requestPage.SiteConfig.CommentsAllowGravatar;
// show the comments require approval warning when moderating, or suspected spam,
// maybe users won't post multiple comments when their comment won't show immediately
commentsModerated.Visible = (requestPage.SiteConfig.CommentsRequireApproval || potentialSpamSubmitted);
if (potentialSpamSubmitted)
{
labelCommentsModerated.Text = resmgr.GetString("text_comment_potential_spam");
}
// display no/some html
labelCommentHtml.Visible = requestPage.SiteConfig.CommentsAllowHtml && (requestPage.SiteConfig.AllowedTags.AllowedTagsCount > 0);
labelComment.Visible = !labelCommentHtml.Visible;
labelCommentHtml.Text = String.Format(resmgr.GetString("text_comment_content_html"), requestPage.SiteConfig.AllowedTags.ToString());
if (SiteUtilities.AreCommentsAllowed(entry, requestPage.SiteConfig) == false)
{
commentsClosed.Visible = true;
commentViewTable.Visible = false;
openIdTable.Visible = false;
// if comments are not allow, there is no need to show the approval warning
commentsModerated.Visible = false;
}
if (Page.ClientScript.IsClientScriptBlockRegistered(this.GetType(), "coCommentScript") == false && requestPage.SiteConfig.EnableCoComment == true)
{
string coCommentScript = String.Format(@"
<script type=""text/javascript"">
// this ensures coComment gets the correct values
coco =
{{
tool : ""dasBlog"",
siteurl : ""{0}"",
sitetitle : ""{1}"",
pageurl : ""{2}"",
pagetitle : ""{3}"",
author : ""{4}"",
formID : ""{5}"",
textareaID : ""{6}"",
buttonID : ""{7}""
}}
</script>
<script id=""cocomment-fetchlet"" src=""http://www.cocomment.com/js/enabler.js"" type=""text/javascript"">
// this activates coComment
</script>
",
requestPage.SiteConfig.Root,
Server.HtmlEncode(requestPage.SiteConfig.Title),
Request.Url.ToString(),
Server.HtmlEncode(entry.Title),
Server.HtmlEncode(entry.Author),
this.Page.Form.ClientID,
this.comment.ClientID,
this.add.ClientID
);
Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "coComment", coCommentScript);
}
}
}
public void AddNewComment(string name, string email, string homepage, string comment, string entryId, bool openid)
{
SharedBasePage requestPage = Page as SharedBasePage;
// if we allow tags, use the allowed tags, otherwise use an empty array
ValidTagCollection allowedTags = (requestPage.SiteConfig.CommentsAllowHtml ? requestPage.SiteConfig.AllowedTags : new ValidTagCollection(null));
Entry entry = requestPage.DataService.GetEntry(entryId);
if ((entry != null) && SiteUtilities.AreCommentsAllowed(entry, requestPage.SiteConfig))
{
Comment c = new Comment();
c.Initialize();
c.OpenId = openid;
c.Author = HttpUtility.HtmlEncode(name);
c.AuthorEmail = HttpUtility.HtmlEncode(email);
c.AuthorHomepage = FixUrl(homepage);
c.AuthorIPAddress = Request.UserHostAddress;
c.AuthorUserAgent = Request.UserAgent;
c.Referer = Request.UrlReferrer != null?Request.UrlReferrer.ToString() : String.Empty;
// clean the code from html tags
c.TargetEntryId = entryId;
c.TargetTitle = entry.Title;
if (requestPage.SiteConfig.CommentsRequireApproval == true &&
(requestPage.SiteConfig.SmtpServer == null || requestPage.SiteConfig.SmtpServer.Length == 0))
{
requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.Error, "ERROR: Comment Moderation is turned on, but you haven't configured an SMTP Server for sending mail!", ""));
}
// if comments require moderation, they are not public.
// except when the commenter is a contributor
if (SiteSecurity.IsValidContributor())
{
c.IsPublic = true;
}
else
{
// bypass spam when the comment is authenticated by openid en openid doesn't require approval
if (requestPage.SiteConfig.EnableSpamBlockingService && (requestPage.SiteConfig.BypassSpamOpenIdComment && openid) == false)
{
// make sure to send the unfiltered comment for analysis by external service
c.Content = comment;
bool externalServiceSucceeded = false;
try
{
if (requestPage.SiteConfig.SpamBlockingService.IsSpam(c))
{
potentialSpamSubmitted = true;
if (!requestPage.SiteConfig.EnableSpamModeration)
{
// abort saving the comment
requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.CommentBlocked, String.Format("Blocking suspected spam from {0} {1} [{2}].", c.Author, c.AuthorEmail, c.AuthorIPAddress), SiteUtilities.GetPermaLinkUrl(entryId)));
clearCommentInput();
return;
}
c.SpamState = SpamState.Spam;
c.IsPublic = false;
}
else
{
c.SpamState = SpamState.NotSpam;
c.IsPublic = true;
}
externalServiceSucceeded = true;
}
catch (Exception ex)
{
requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.Error, String.Format("The external spam blocking service failed for comment {0}. Original exception: {1}", c.EntryId, ex), SiteUtilities.GetPermaLinkUrl(entryId)));
}
if (!externalServiceSucceeded)
{
// If the external service fails, we will hide the comment, but not delete it,
// even if moderation is disabled.
c.SpamState = SpamState.NotChecked;
if (doesFeedbackHaveSpamPotential(c))
{
potentialSpamSubmitted = true;
c.IsPublic = false;
}
else
{
c.IsPublic = true;
}
}
}
else
{
c.IsPublic = true;
}
// If comment moderation enabled, hide all comments regardless of the what the external spam service says
if (requestPage.SiteConfig.CommentsRequireApproval)
{
c.IsPublic = false;
}
}
// FilterHtml html encodes anything we don't like
string filteredText = SiteUtilities.FilterHtml(comment, allowedTags);
c.Content = filteredText;
if (requestPage.SiteConfig.SendCommentsByEmail &&
requestPage.SiteConfig.SmtpServer != null &&
requestPage.SiteConfig.SmtpServer.Length > 0)
{
SendMailInfo defaultMailInfo = ComposeMail(c);
requestPage.DataService.AddComment(c, defaultMailInfo);
requestPage.DataService.RunActions(ComposeMailForUsers(entry, c));
string commentShort = c.Content.Replace("\n", "");
if (commentShort.Length > 50)
{
commentShort = commentShort.Substring(0, 50) + "...";
}
requestPage.LoggingService.AddEvent(
new EventDataItem(
EventCodes.CommentAdded, commentShort, SiteUtilities.GetCommentViewUrl(entryId)));
}
else
{
requestPage.DataService.AddComment(c);
}
clearCommentInput();
// break the caching
requestPage.DataCache.Remove("BlogCoreData");
Session.Remove("pendingComment");
Session.Remove("pendingEntryId");
//Send the user to the comment they JUST posted.
if (!potentialSpamSubmitted)
{
Response.Redirect(SiteUtilities.GetCommentViewUrl(c.TargetEntryId) + "#" + c.EntryId);
}
}
}
public static bool AreCommentsAllowed(Entry entry, SiteConfig siteConfig)
{
return(SiteUtilities.AreCommentsAllowed(entry, siteConfig));
}
