public async Task <ActionResult> Submit(CommentCommand dto) { var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex); if (match.Success) { LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}"); return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } Post post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("评论失败,文章未找到"); if (post.DisableComment) { return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!")); } dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty); if (CommentFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2) { CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!")); } var comment = dto.Mapper <Comment>(); if (Regex.Match(dto.NickName + dto.Content, CommonHelper.ModRegex).Length <= 0) { comment.Status = Status.Published; } comment.CommentDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { comment.NickName = user.NickName; comment.QQorWechat = user.QQorWechat; comment.Email = user.Email; if (user.IsAdmin) { comment.Status = Status.Published; comment.IsMaster = true; } } comment.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes(); comment.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent]; comment.IP = ClientIP; comment.Location = comment.IP.GetIPLocation(); comment = CommentService.AddEntitySaved(comment); if (comment == null) { return(ResultData(null, false, "评论失败")); } CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5); CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); var emails = new HashSet <string>(); var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱 emails.Add(email); var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")) .Set("title", post.Title) .Set("time", DateTime.Now.ToTimeZoneF(HttpContext.Session.Get <string>(SessionKey.TimeZone))) .Set("nickname", comment.NickName) .Set("content", comment.Content); if (comment.Status == Status.Published) { if (!comment.IsMaster) { await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{comment.NickName}】的新文章评论", Content = comment.Content, Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment" }); } if (comment.ParentId == 0) { emails.Add(post.Email); emails.Add(post.ModifierEmail); //新评论,只通知博主和楼主 foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false), s, ClientIP)); } } else { //通知博主和上层所有关联的评论访客 var pid = CommentService.GetParentCommentIdByChildId(comment.Id); emails.AddRange(CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).ToArray()); emails.AddRange(post.Email, post.ModifierEmail); emails.Remove(comment.Email); string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"; foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Set("link", link).Render(false), s, ClientIP)); } } return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中")); } foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false) + "<p style='color:red;'>(待审核)</p>", s, ClientIP)); } return(ResultData(null, true, "评论成功,待站长审核通过以后将显示")); }
public async Task <ActionResult> Put(CommentCommand dto) { if (Regex.Match(dto.Content, CommonHelper.BanRegex).Length > 0) { return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } Post post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("评论失败,文章未找到"); if (post.DisableComment) { return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!")); } dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty); if (dto.Content.RemoveHtmlTag().Trim().Equals(HttpContext.Session.Get <string>("comment" + dto.PostId))) { return(ResultData(null, false, "您刚才已经在这篇文章发表过一次评论了,换一篇文章吧,或者换一下评论内容吧!")); } var comment = dto.Mapper <Comment>(); if (Regex.Match(dto.Content, CommonHelper.ModRegex).Length <= 0) { comment.Status = Status.Published; } comment.CommentDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { comment.NickName = user.NickName; comment.QQorWechat = user.QQorWechat; comment.Email = user.Email; if (user.IsAdmin) { comment.Status = Status.Published; comment.IsMaster = true; } } comment.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes(); comment.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent]; comment.IP = ClientIP; comment.Location = comment.IP.GetIPLocation().Split("|").Where(s => !int.TryParse(s, out _)).ToHashSet().Join("|"); comment = CommentService.AddEntitySaved(comment); if (comment == null) { return(ResultData(null, false, "评论失败")); } HttpContext.Session.Set("comment" + comment.PostId, comment.Content.RemoveHtmlTag().Trim()); var emails = new HashSet <string>(); var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱 emails.Add(email); var content = (await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")) .Replace("{{title}}", post.Title) .Replace("{{time}}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")) .Replace("{{nickname}}", comment.NickName) .Replace("{{content}}", comment.Content); if (comment.Status == Status.Published) { if (!comment.IsMaster) { await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{comment.NickName}】的新文章评论", Content = comment.Content, Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment" }); } #if !DEBUG if (comment.ParentId == 0) { emails.Add(post.Email); emails.Add(post.ModifierEmail); //新评论,只通知博主和楼主 foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"), s)); } } else { //通知博主和上层所有关联的评论访客 var pid = CommentService.GetParentCommentIdByChildId(comment.Id); emails.AddRange(CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).ToArray()); emails.AddRange(post.Email, post.ModifierEmail); emails.Remove(comment.Email); string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"; foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Replace("{{link}}", link), s)); } } #endif return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中")); } foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Replace("{{link}}", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment") + "<p style='color:red;'>(待审核)</p>", s)); } return(ResultData(null, true, "评论成功,待站长审核通过以后将显示")); }
public async Task <ActionResult> Submit(LeaveMessageCommand dto) { var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex); if (match.Success) { LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}"); return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty); if (MsgFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2) { MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!")); } var msg = dto.Mapper <LeaveMessage>(); if (Regex.Match(dto.NickName + dto.Content, CommonHelper.ModRegex).Length <= 0) { msg.Status = Status.Published; } msg.PostDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { msg.NickName = user.NickName; msg.QQorWechat = user.QQorWechat; msg.Email = user.Email; if (user.IsAdmin) { msg.Status = Status.Published; msg.IsMaster = true; } } msg.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes(); msg.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent]; msg.IP = ClientIP; msg.Location = msg.IP.GetIPLocation(); msg = LeaveMessageService.AddEntitySaved(msg); if (msg == null) { return(ResultData(null, false, "留言发表失败!")); } MsgFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5); MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); var email = CommonHelper.SystemSettings["ReceiveEmail"]; var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")).Set("title", "网站留言板").Set("time", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")).Set("nickname", msg.NickName).Set("content", msg.Content); if (msg.Status == Status.Published) { if (!msg.IsMaster) { await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{msg.NickName}】的新留言", Content = msg.Content, Link = Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme) }); } #if !DEBUG if (msg.ParentId == 0) { //新评论,只通知博主 BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言:", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false), email)); } else { //通知博主和上层所有关联的评论访客 var pid = LeaveMessageService.GetParentMessageIdByChildId(msg.Id); var emails = LeaveMessageService.GetSelfAndAllChildrenMessagesByParentId(pid).Select(c => c.Email).Append(email).Except(new[] { msg.Email }).ToHashSet(); string link = Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme); foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]} 留言回复:", content.Set("link", link).Render(false), s)); } } #endif return(ResultData(null, true, "留言发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将会显示到列表中!")); } BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言(待审核):", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false) + "<p style='color:red;'>(待审核)</p>", email)); return(ResultData(null, true, "留言发表成功,待站长审核通过以后将显示到列表中!")); }
public async Task <ActionResult> PushMerge(PostMergeRequestCommand dto) { if (await RedisHelper.GetAsync("code:" + dto.ModifierEmail) != dto.Code) { return(ResultData(null, false, "验证码错误!")); } var post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("文章未找到"); var diff = new HtmlDiff.HtmlDiff(post.Content.RemoveHtmlTag(), dto.Content.RemoveHtmlTag()); if (post.Title.Equals(dto.Title) && !diff.Build().Contains(new[] { "diffmod", "diffdel", "diffins" })) { return(ResultData(null, false, "内容未被修改!")); } #region 合并验证 if (PostMergeRequestService.Any(p => p.ModifierEmail == dto.ModifierEmail && p.MergeState == MergeStatus.Block)) { return(ResultData(null, false, "由于您曾经多次恶意修改文章,已经被标记为黑名单,无法修改任何文章,如有疑问,请联系网站管理员进行处理。")); } if (post.PostMergeRequests.Any(p => p.ModifierEmail == dto.ModifierEmail && p.MergeState == MergeStatus.Pending)) { return(ResultData(null, false, "您已经提交过一次修改请求正在待处理,暂不能继续提交修改请求!")); } #endregion #region 直接合并 if (post.Email.Equals(dto.ModifierEmail)) { var history = post.Mapper <PostHistoryVersion>(); Mapper.Map(dto, post); post.PostHistoryVersion.Add(history); post.ModifyDate = DateTime.Now; return(await PostService.SaveChangesAsync() > 0 ? ResultData(null, true, "你是文章原作者,无需审核,文章已自动更新并在首页展示!") : ResultData(null, false, "操作失败!")); } #endregion var merge = post.PostMergeRequests.FirstOrDefault(r => r.Id == dto.Id && r.MergeState != MergeStatus.Merged); if (merge != null) { Mapper.Map(dto, merge); merge.SubmitTime = DateTime.Now; merge.MergeState = MergeStatus.Pending; } else { merge = Mapper.Map <PostMergeRequest>(dto); post.PostMergeRequests.Add(merge); } var b = await PostService.SaveChangesAsync() > 0; if (!b) { return(ResultData(null, false, "操作失败!")); } await RedisHelper.ExpireAsync("code:" + dto.ModifierEmail, 1); await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{dto.Modifier}】的文章修改合并请求", Content = dto.Title, Link = "#/merge/compare?id=" + merge.Id }); var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/merge-request.html")).Set("title", post.Title).Set("link", Url.Action("Index", "Dashboard", new { }, Request.Scheme) + "#/merge/compare?id=" + merge.Id).Render(); BackgroundJob.Enqueue(() => CommonHelper.SendMail("博客文章修改请求:", content, CommonHelper.SystemSettings["ReceiveEmail"], ClientIP)); return(ResultData(null, true, "您的修改请求已提交,已进入审核状态,感谢您的参与!")); }
public async Task <ActionResult> Submit([FromServices] IMailSender mailSender, LeaveMessageCommand cmd) { var match = Regex.Match(cmd.NickName + cmd.Content.RemoveHtmlTag(), CommonHelper.BanRegex); if (match.Success) { LogManager.Info($"提交内容:{cmd.NickName}/{cmd.Content},敏感词:{match.Value}"); return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } var error = await ValidateEmailCode(mailSender, cmd.Email, cmd.Code); if (!string.IsNullOrEmpty(error)) { return(ResultData(null, false, error)); } if (cmd.ParentId > 0 && DateTime.Now - LeaveMessageService[cmd.ParentId.Value, m => m.PostDate] > TimeSpan.FromDays(180)) { return(ResultData(null, false, "当前留言过于久远,不再允许回复!")); } cmd.Content = cmd.Content.Trim().Replace("<p><br></p>", string.Empty); if (MsgFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2) { MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!")); } var msg = cmd.Mapper <LeaveMessage>(); if (cmd.ParentId > 0) { msg.GroupTag = LeaveMessageService.GetQuery(c => c.Id == cmd.ParentId).Select(c => c.GroupTag).FirstOrDefault(); msg.Path = (LeaveMessageService.GetQuery(c => c.Id == cmd.ParentId).Select(c => c.Path).FirstOrDefault() + "," + cmd.ParentId).Trim(','); } else { msg.GroupTag = SnowFlake.NewId; msg.Path = SnowFlake.NewId; } if (Regex.Match(cmd.NickName + cmd.Content, CommonHelper.ModRegex).Length <= 0) { msg.Status = Status.Published; } msg.PostDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { msg.NickName = user.NickName; msg.Email = user.Email; if (user.IsAdmin) { msg.Status = Status.Published; msg.IsMaster = true; } } msg.Content = await cmd.Content.HtmlSantinizerStandard().ClearImgAttributes(); msg.Browser = cmd.Browser ?? Request.Headers[HeaderNames.UserAgent]; msg.IP = ClientIP; msg.Location = Request.Location(); msg = LeaveMessageService.AddEntitySaved(msg); if (msg == null) { return(ResultData(null, false, "留言发表失败!")); } Response.Cookies.Append("NickName", msg.NickName, new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); WriteEmailKeyCookie(cmd.Email); MsgFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5); MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); var email = CommonHelper.SystemSettings["ReceiveEmail"]; var content = new Template(await new FileInfo(HostEnvironment.WebRootPath + "/template/notify.html").ShareReadWrite().ReadAllTextAsync(Encoding.UTF8)).Set("title", "网站留言板").Set("time", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")).Set("nickname", msg.NickName).Set("content", msg.Content); if (msg.Status == Status.Published) { if (!msg.IsMaster) { await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{msg.NickName}】的新留言", Content = msg.Content, Link = Url.Action("Index", "Msg", new { cid = msg.Id }) }); } if (msg.ParentId == null) { //新评论,只通知博主 BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言:", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false), email, ClientIP)); } else { //通知博主和上层所有关联的评论访客 using var emails = LeaveMessageService.GetQuery(e => e.GroupTag == msg.GroupTag).Select(c => c.Email).Distinct().AsEnumerable().Append(email).Except(new[] { msg.Email }).ToPooledSet(); string link = Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme); foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]} 留言回复:", content.Set("link", link).Render(false), s, ClientIP)); } } return(ResultData(null, true, "留言发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将会显示到列表中!")); } BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言(待审核):", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false) + "<p style='color:red;'>(待审核)</p>", email, ClientIP)); return(ResultData(null, true, "留言发表成功,待站长审核通过以后将显示到列表中!")); }