public async Task <ActionResult> Submit(CommentCommand dto)
{
var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex);
if (match.Success)
{
LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}");
return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!"));
}
Post post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("评论失败,文章未找到");
if (post.DisableComment)
{
return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!"));
}
dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty);
if (CommentFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2)
{
CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!"));
}
var comment = dto.Mapper <Comment>();
if (Regex.Match(dto.NickName + dto.Content, CommonHelper.ModRegex).Length <= 0)
{
comment.Status = Status.Published;
}
comment.CommentDate = DateTime.Now;
var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo);
if (user != null)
{
comment.NickName = user.NickName;
comment.QQorWechat = user.QQorWechat;
comment.Email = user.Email;
if (user.IsAdmin)
{
comment.Status = Status.Published;
comment.IsMaster = true;
}
}
comment.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes();
comment.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent];
comment.IP = ClientIP;
comment.Location = comment.IP.GetIPLocation();
comment = CommentService.AddEntitySaved(comment);
if (comment == null)
{
return(ResultData(null, false, "评论失败"));
}
CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5);
CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
var emails = new HashSet <string>();
var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱
emails.Add(email);
var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html"))
.Set("title", post.Title)
.Set("time", DateTime.Now.ToTimeZoneF(HttpContext.Session.Get <string>(SessionKey.TimeZone)))
.Set("nickname", comment.NickName)
.Set("content", comment.Content);
if (comment.Status == Status.Published)
{
if (!comment.IsMaster)
{
await MessageService.AddEntitySavedAsync(new InternalMessage()
{
Title = $"来自【{comment.NickName}】的新文章评论",
Content = comment.Content,
Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"
});
}
if (comment.ParentId == 0)
{
emails.Add(post.Email);
emails.Add(post.ModifierEmail);
//新评论,只通知博主和楼主
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false), s, ClientIP));
}
}
else
{
//通知博主和上层所有关联的评论访客
var pid = CommentService.GetParentCommentIdByChildId(comment.Id);
emails.AddRange(CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).ToArray());
emails.AddRange(post.Email, post.ModifierEmail);
emails.Remove(comment.Email);
string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment";
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Set("link", link).Render(false), s, ClientIP));
}
}
return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中"));
}
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false) + "<p style='color:red;'>(待审核)</p>", s, ClientIP));
}
return(ResultData(null, true, "评论成功,待站长审核通过以后将显示"));
}
public async Task <ActionResult> Put(CommentCommand dto)
{
if (Regex.Match(dto.Content, CommonHelper.BanRegex).Length > 0)
{
return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!"));
}
Post post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("评论失败,文章未找到");
if (post.DisableComment)
{
return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!"));
}
dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty);
if (dto.Content.RemoveHtmlTag().Trim().Equals(HttpContext.Session.Get <string>("comment" + dto.PostId)))
{
return(ResultData(null, false, "您刚才已经在这篇文章发表过一次评论了,换一篇文章吧,或者换一下评论内容吧!"));
}
var comment = dto.Mapper <Comment>();
if (Regex.Match(dto.Content, CommonHelper.ModRegex).Length <= 0)
{
comment.Status = Status.Published;
}
comment.CommentDate = DateTime.Now;
var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo);
if (user != null)
{
comment.NickName = user.NickName;
comment.QQorWechat = user.QQorWechat;
comment.Email = user.Email;
if (user.IsAdmin)
{
comment.Status = Status.Published;
comment.IsMaster = true;
}
}
comment.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes();
comment.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent];
comment.IP = ClientIP;
comment.Location = comment.IP.GetIPLocation().Split("|").Where(s => !int.TryParse(s, out _)).ToHashSet().Join("|");
comment = CommentService.AddEntitySaved(comment);
if (comment == null)
{
return(ResultData(null, false, "评论失败"));
}
HttpContext.Session.Set("comment" + comment.PostId, comment.Content.RemoveHtmlTag().Trim());
var emails = new HashSet <string>();
var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱
emails.Add(email);
var content = (await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html"))
.Replace("{{title}}", post.Title)
.Replace("{{time}}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"))
.Replace("{{nickname}}", comment.NickName)
.Replace("{{content}}", comment.Content);
if (comment.Status == Status.Published)
{
if (!comment.IsMaster)
{
await MessageService.AddEntitySavedAsync(new InternalMessage()
{
Title = $"来自【{comment.NickName}】的新文章评论",
Content = comment.Content,
Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"
});
}
#if !DEBUG
if (comment.ParentId == 0)
{
emails.Add(post.Email);
emails.Add(post.ModifierEmail);
//新评论,只通知博主和楼主
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"), s));
}
}
else
{
//通知博主和上层所有关联的评论访客
var pid = CommentService.GetParentCommentIdByChildId(comment.Id);
emails.AddRange(CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).ToArray());
emails.AddRange(post.Email, post.ModifierEmail);
emails.Remove(comment.Email);
string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment";
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Replace("{{link}}", link), s));
}
}
#endif
return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中"));
}
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment") + "<p style='color:red;'>(待审核)</p>", s));
}
return(ResultData(null, true, "评论成功,待站长审核通过以后将显示"));
}
public ActionResult Put(CommentInputDto comment)
{
if (Regex.Match(comment.Content, CommonHelper.BanRegex).Length > 0)
{
return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请注意改善您的言辞!"));
}
Post post = PostService.GetById(comment.PostId);
if (post is null)
{
return(ResultData(null, false, "评论失败,文章不存在!"));
}
if (post.DisableComment)
{
return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!"));
}
comment.Content = comment.Content.Trim().Replace("<p><br></p>", string.Empty);
if (comment.Content.RemoveHtmlTag().Trim().Equals(HttpContext.Session.Get <string>("comment" + comment.PostId)))
{
return(ResultData(null, false, "您刚才已经在这篇文章发表过一次评论了,换一篇文章吧,或者换一下评论内容吧!"));
}
if (Regex.Match(comment.Content, CommonHelper.ModRegex).Length <= 0)
{
comment.Status = Status.Pended;
}
UserInfoOutputDto user = HttpContext.Session.Get <UserInfoOutputDto>(SessionKey.UserInfo);
if (user != null)
{
comment.NickName = user.NickName;
comment.QQorWechat = user.QQorWechat;
comment.Email = user.Email;
if (user.IsAdmin)
{
comment.Status = Status.Pended;
comment.IsMaster = true;
}
}
comment.Content = comment.Content.HtmlSantinizerStandard().ClearImgAttributes();
comment.CommentDate = DateTime.Now;
comment.Browser = comment.Browser ?? Request.Headers[HeaderNames.UserAgent];
comment.IP = HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString();
Comment com = CommentService.AddEntitySaved(comment.Mapper <Comment>());
if (com != null)
{
HttpContext.Session.Set("comment" + comment.PostId, comment.Content.RemoveHtmlTag().Trim());
var emails = new List <string>();
var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱
emails.Add(email);
string content = System.IO.File.ReadAllText(_hostingEnvironment.WebRootPath + "/template/notify.html").Replace("{{title}}", post.Title).Replace("{{time}}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")).Replace("{{nickname}}", com.NickName).Replace("{{content}}", com.Content);
if (comment.Status == Status.Pended)
{
if (!com.IsMaster)
{
MessageService.AddEntitySaved(new InternalMessage()
{
Title = $"来自【{com.NickName}】的新文章评论",
Content = com.Content,
Link = Url.Action("Details", "Post", new { id = com.PostId, cid = com.Id }, Request.Scheme) + "#comment"
});
}
#if !DEBUG
if (com.ParentId == 0)
{
emails.Add(PostService.GetById(com.PostId).Email);
//新评论,只通知博主和楼主
foreach (var s in emails.Distinct())
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(CommonHelper.SystemSettings["Domain"] + "|博客文章新评论:", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = com.PostId, cid = com.Id }, Request.Scheme) + "#comment"), s));
}
}
else
{
//通知博主和上层所有关联的评论访客
var pid = CommentService.GetParentCommentIdByChildId(com.Id);
emails = CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).Except(new List <string> {
com.Email
}).Distinct().ToList();
string link = Url.Action("Details", "Post", new { id = com.PostId, cid = com.Id }, Request.Scheme) + "#comment";
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{CommonHelper.SystemSettings["Domain"]}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Replace("{{link}}", link), s));
}
}
#endif
return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中"));
}
foreach (var s in emails.Distinct())
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(CommonHelper.SystemSettings["Domain"] + "|博客文章新评论(待审核):", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = com.PostId, cid = com.Id }, Request.Scheme) + "#comment") + "<p style='color:red;'>(待审核)</p>", s));
}
return(ResultData(null, true, "评论成功,待站长审核通过以后将显示"));
}
return(ResultData(null, false, "评论失败"));
}
public async Task <ActionResult> Submit([FromServices] IInternalMessageService messageService, [FromServices] IMailSender mailSender, CommentCommand cmd)
{
var match = Regex.Match(cmd.NickName + cmd.Content.RemoveHtmlTag(), CommonHelper.BanRegex);
if (match.Success)
{
LogManager.Info($"提交内容:{cmd.NickName}/{cmd.Content},敏感词:{match.Value}");
return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!"));
}
var error = await ValidateEmailCode(mailSender, cmd.Email, cmd.Code);
if (!string.IsNullOrEmpty(error))
{
return(ResultData(null, false, error));
}
if (cmd.ParentId > 0 && DateTime.Now - CommentService[cmd.ParentId, c => c.CommentDate] > TimeSpan.FromDays(180))
{
return(ResultData(null, false, "当前评论过于久远,不再允许回复!"));
}
Post post = await PostService.GetByIdAsync(cmd.PostId) ?? throw new NotFoundException("评论失败,文章未找到");
CheckPermission(post);
if (post.DisableComment)
{
return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!"));
}
cmd.Content = cmd.Content.Trim().Replace("<p><br></p>", string.Empty);
if (CommentFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2)
{
CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!"));
}
var comment = cmd.Mapper <Comment>();
if (cmd.Email == post.Email || cmd.Email == post.ModifierEmail || Regex.Match(cmd.NickName + cmd.Content, CommonHelper.ModRegex).Length <= 0)
{
comment.Status = Status.Published;
}
comment.CommentDate = DateTime.Now;
var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo);
if (user != null)
{
comment.NickName = user.NickName;
comment.Email = user.Email;
if (user.IsAdmin)
{
comment.Status = Status.Published;
comment.IsMaster = true;
}
}
comment.Content = await cmd.Content.HtmlSantinizerStandard().ClearImgAttributes();
comment.Browser = cmd.Browser ?? Request.Headers[HeaderNames.UserAgent];
comment.IP = ClientIP;
comment.Location = Request.Location();
comment = CommentService.AddEntitySaved(comment);
if (comment == null)
{
return(ResultData(null, false, "评论失败"));
}
Response.Cookies.Append("NickName", comment.NickName, new CookieOptions()
{
Expires = DateTimeOffset.Now.AddYears(1),
SameSite = SameSiteMode.Lax
});
WriteEmailKeyCookie(cmd.Email);
CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5);
CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1));
var emails = new HashSet <string>();
var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱
emails.Add(email);
var content = new Template(await new FileInfo(HostEnvironment.WebRootPath + "/template/notify.html").ShareReadWrite().ReadAllTextAsync(Encoding.UTF8))
.Set("title", post.Title)
.Set("time", DateTime.Now.ToTimeZoneF(HttpContext.Session.Get <string>(SessionKey.TimeZone)))
.Set("nickname", comment.NickName)
.Set("content", comment.Content);
Response.Cookies.Append("Comment_" + post.Id, "1", new CookieOptions()
{
Expires = DateTimeOffset.Now.AddDays(2),
SameSite = SameSiteMode.Lax,
MaxAge = TimeSpan.FromDays(2),
Secure = true
});
if (comment.Status == Status.Published)
{
if (!comment.IsMaster)
{
await messageService.AddEntitySavedAsync(new InternalMessage()
{
Title = $"来自【{comment.NickName}】在文章《{post.Title}》的新评论",
Content = comment.Content,
Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }) + "#comment"
});
}
if (comment.ParentId == 0)
{
emails.Add(post.Email);
emails.Add(post.ModifierEmail);
//新评论,只通知博主和楼主
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false), s, ClientIP));
}
}
else
{
//通知博主和上层所有关联的评论访客
var parent = await CommentService.GetByIdAsync(comment.ParentId);
emails.AddRange(parent.Root().Flatten().Select(c => c.Email).ToArray());
emails.AddRange(post.Email, post.ModifierEmail);
emails.Remove(comment.Email);
string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment";
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Set("link", link).Render(false), s, ClientIP));
}
}
return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中"));
}
foreach (var s in emails)
{
BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false) + "<p style='color:red;'>(待审核)</p>", s, ClientIP));
}
return(ResultData(null, true, "评论成功,待站长审核通过以后将显示"));
}
