Esempio n. 1
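        /// <summary>
        /// Creates a "Comment" content node under the content item identified by
        /// <c>model.Id</c>, stores the sanitized comment text and a sequence number
        /// on it, and publishes it.
        /// </summary>
        /// <param name="model">Posted comment data; <c>Id</c> selects the parent content and <c>Text</c> is the comment body.</param>
        /// <returns>JSON <c>0</c> when the comment was saved and published; JSON <c>-1</c> on invalid model state, unknown parent, or failed publish.</returns>
        /// <remarks>
        /// The comment body is user-supplied markup, so it goes through <c>HtmlSanitizer</c>
        /// before it is written to the "text" property.
        /// NOTE(review): no authorization or anti-forgery attribute is visible on this action
        /// in this listing; confirm they are applied on the action or its controller.
        /// NOTE(review): the number is read and then written without any locking, so two
        /// concurrent requests for the same parent can presumably receive the same number.
        /// </remarks>
        public JsonResult Create(CommentModel model)
        {
            const int Failure = -1;
            const int Success = 0;

            if (!ModelState.IsValid)
            {
                return Json(Failure);
            }

            IContent parent = Services.ContentService.GetById(model.Id);
            if (parent == null)
            {
                return Json(Failure);
            }

            // Next number = highest existing comment number + 1 (1 when there are none).
            // Taking the maximum in a single pass avoids enumerating the children twice
            // and does not depend on the order in which Children() returns them; the
            // previous code read the number from the first child only.
            // Children whose "number" value is missing or not an int are skipped.
            int commentNumber = parent.Children()
                .Where(child => child.ContentType.Alias == "Comment")
                .Select(child => child.GetValue("number"))
                .OfType<int>()
                .DefaultIfEmpty(0)
                .Max() + 1;

            string commentName = String.Format("comment#{0}", commentNumber);
            IContent comment = UserContentHelper.CreateUserContent(commentName, parent.Id, "Comment");

            // Sanitize before persisting so the stored value is what later gets rendered.
            HtmlSanitizer sanitizer = new HtmlSanitizer();
            string safeText = sanitizer.Sanitize(model.Text);

            comment.SetValue("text", safeText);
            comment.SetValue("number", commentNumber);

            var publishResult = Services.ContentService.SaveAndPublishWithStatus(comment);
            return Json(publishResult.Success ? Success : Failure);
        }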
Esempio n. 2
 /// <summary>
 /// Sanitizes an HTML fragment with a fresh <c>HtmlSanitizer</c>, optionally
 /// replacing the sanitizer's black list with the entries supplied by the caller.
 /// </summary>
 /// <param name="html">Markup to sanitize.</param>
 /// <param name="blackList">
 /// Entries that replace the sanitizer's black list. When null or empty, the list
 /// the sanitizer was constructed with is left untouched.
 /// </param>
 /// <returns>The value returned by <c>HtmlSanitizer.Sanitize</c> for <paramref name="html"/>.</returns>
 /// <remarks>
 /// Passing any entry clears the existing list first, so the caller's entries are the
 /// only ones in effect. NOTE(review): a caller that passes a short list therefore
 /// presumably loses whatever the sanitizer blocks by default; confirm callers pass a
 /// complete list, and prefer an allow-list sanitizer for untrusted markup.
 /// </remarks>
 public static string SanitizeHtml(string html, params string[] blackList)
 {
     HtmlSanitizer htmlSanitizer = new HtmlSanitizer();

     bool useCallerList = !(blackList == null || blackList.Length == 0);
     if (useCallerList)
     {
         // Replace, not extend: drop the existing entries before adding the caller's.
         htmlSanitizer.BlackList.Clear();
         for (int index = 0; index < blackList.Length; index++)
         {
             htmlSanitizer.BlackList.Add(blackList[index]);
         }
     }

     string sanitized = htmlSanitizer.Sanitize(html);
     return sanitized;
 }