Esempio n. 1
0
        public JsonResult Add(int letterId, string comment, string commenterName, string commenterEmail)
        {
            Comment comm = new Comment();
            comm.commentDate = DateTime.UtcNow;
            comm.commenterEmail = commenterEmail;
            comm.commenterName = commenterName;
            comm.commentMessage = comment;
            comm.letterId = letterId;
            comm.level = 0;

            string userip = string.Empty;
            userip = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
            if (userip == null || userip == "127.0.0.1")
                userip = Request.ServerVariables["REMOTE_ADDR"];
            comm.commenterIP = userip;

            string current_guid = getCommenterGuid();
            if (current_guid == null)
            {
                current_guid = System.Guid.NewGuid().ToString();

                // new commenter, let's give them a guid
                HttpCookie cookie = new HttpCookie("cId");
                cookie.Value = current_guid;
                cookie.Expires = DateTime.Now.AddDays(1500);
                Response.Cookies.Add(cookie);
            }

            comm.commenterGuid = current_guid;

            // add comment,
            // notify all users who are subscribed to that letter
            string host = "";

            switch (Request.Url.Port)
            {
                case 80:
                    host = "http://" + Request.Url.Host + VirtualPathUtility.ToAbsolute("~/");
                    break;
                default:
                    host = "http://" + Request.Url.Host + ":" + Request.Url.Port + VirtualPathUtility.ToAbsolute("~/");
                    break;
            }

            _commentService.AddComment(comm, host);

            return Json(comm, JsonRequestBehavior.AllowGet);
        }
Esempio n. 2
0
        public void AddComment(Comment comment, Letter letter)
        {
            letter transposed = Mapper.Map<Letter, letter>(letter);

            db_mysql db_mysql = new db_mysql();
            db_mysql.letters.Attach(transposed);
            var letter_obj = db_mysql.Entry(transposed);

            if (comment.level > -1)
            {
                letter_obj.Property(e => e.letterComments).IsModified = true;
                transposed.letterComments = transposed.letterComments + 1;
            }

            db_mysql.comments.Add(Mapper.Map<Comment, comment>(comment));
            db_mysql.SaveChanges();
        }
Esempio n. 3
0
        public JsonResult Mail(string letterText, string letterCountry, string mobile = "0")
        {
            String error_message = string.Empty;
            string userip = string.Empty;
            userip = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
            if (userip == null || userip == "127.0.0.1")
                userip = Request.ServerVariables["REMOTE_ADDR"];

            string userid = null;

            if (User.Identity.IsAuthenticated == true)
            {
                MembershipUser MemUser = Membership.GetUser();
                userid = MemUser.ProviderUserKey.ToString();
            }

            Core.Model.Letter letter;

            try
            {
                letter = _letterService.Mail(Server.HtmlDecode(letterText), letterCountry, userip, userid, int.Parse(mobile), ref error_message);

                if (User.Identity.IsAuthenticated == true && letter != null)
                {
                    // add an invisible comment so that the user will receive email notifications

                    Comment invisa_comment = new Comment();
                    invisa_comment.level = -2;
                    invisa_comment.letterId = letter.Id;
                    invisa_comment.sendEmail = true;
                    invisa_comment.commentDate = DateTime.UtcNow;
                    invisa_comment.commenterEmail = User.Identity.Name;
                    invisa_comment.commenterGuid = System.Guid.NewGuid().ToString();
                    invisa_comment.commenterName = "";

                    // add comment,
                    // notify all users who are subscribed to that letter
                    string host = "";

                    switch (Request.Url.Port)
                    {
                        case 80:
                            host = "http://" + Request.Url.Host + VirtualPathUtility.ToAbsolute("~/");
                            break;
                        default:
                            host = "http://" + Request.Url.Host + ":" + Request.Url.Port + VirtualPathUtility.ToAbsolute("~/");
                            break;
                    }

                    _commentService.AddComment(invisa_comment, host);

                }
            }
            catch (Exception ex) {
                letter = null;
                error_message = ex.Message;
            }

            // remove the more page
            // and mod page cache objects so they
            // get pulled again immedately with the new data
            HttpContext.Cache.Remove("mod-page-1");
            HttpContext.Cache.Remove("more-page-1");

            if (letter != null)
            {
                return Json(new { response = 1, message = letter.Id, guid = letter.letterTags }, JsonRequestBehavior.AllowGet);
            }
            else
            {
                return Json(new { response = 0, message = error_message, guid = "Error in response" }, JsonRequestBehavior.AllowGet);
            }
        }
Esempio n. 4
0
        public ActionResult Details(FormCollection fc)
        {
            int letterId = int.Parse(fc["letterId"].ToString());
            string name = fc["commenterName"].ToString();
            string email = fc["commenterEmail"].ToString();
            string message = fc["comment"].ToString();
            bool using_mobile = false;
            bool mod_mode = false;

            if(fc["mod_mode"].Contains("true")) {
                mod_mode = true;
            } else {
                mod_mode = false;
            };

            if(fc["mobile"].ToString() == "1") {
                using_mobile = true;
            }

            string userip = string.Empty;
            userip = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
            if (userip == null || userip == "127.0.0.1")
                userip = Request.ServerVariables["REMOTE_ADDR"];

            if (fc["robotTestCookie"] != "love")
            {

                //Contact msg = new Contact();

                //msg.Message = "HomeController caught a robot: " + email + ": <br /><br />" + message + "<br><br>sent from ip: " + userip;

                //_mailService.SendContact(msg.Message, msg.Email);

                return View();
            }

            Core.Model.Comment comm = new Core.Model.Comment();
            comm.commentDate = DateTime.UtcNow;
            comm.commenterEmail = email;
            comm.commenterName = name;
            comm.commentMessage = message;
            comm.letterId = letterId;
            comm.level = 0;
            comm.commenterIP = userip;

            string current_guid = getCommenterGuid();
            if (current_guid == null)
            {
                current_guid = System.Guid.NewGuid().ToString();

                // new commenter, let's give them a guid
                HttpCookie cookie = new HttpCookie("cId");
                cookie.Value = current_guid;
                cookie.Expires = DateTime.Now.AddDays(1500);
                Response.Cookies.Add(cookie);
            }

            comm.commenterGuid = current_guid;

            if (mod_mode == true && User.IsInRole("mod"))
            {
                comm.commenterGuid = "mod" + current_guid.Substring(2, current_guid.Length - 3);
            }

            if (email != null)
            {
                comm.sendEmail = true;
            }

            // add comment,
            // notify all users who are subscribed to that letter
            string host = "";

            switch (Request.Url.Port)
            {
                case 80:
                    host = "http://" + Request.Url.Host + VirtualPathUtility.ToAbsolute("~/");
                    break;
                default:
                    host = "http://" + Request.Url.Host + ":" + Request.Url.Port + VirtualPathUtility.ToAbsolute("~/");
                    break;
            }

            _commentService.AddComment(comm, host);

            if (using_mobile == true)
            {
                return RedirectToRoute("DetailsMobile", new { id = letterId, mobile = 1 });
            }
            else
            {
                return RedirectToAction("Details", new { id = letterId });
            }
        }
Esempio n. 5
0
        public void AddComment(Comment comment, string host)
        {
            // spam protection
            List<Block> blocked_ips = _blockService.getBlocks(blockType.blockIP, blockWhat.blockComment);

            List<string> banned_ips = new List<string>();

            foreach (Block b in blocked_ips)
            {
                banned_ips.Add(b.Value);
            }

            Letter lucky_letter = _queryLetters.getLetter(comment.letterId);

            // time to ban people
            List<String> banned_commenters = new List<String>();
            banned_commenters.Add("10315e2a-e671-4c1c-91be-4aff797bf852");
            banned_commenters.Add("33ce0d70-cf48-49c9-9ab2-0fe61ebc84f8");
            banned_commenters.Add("82f7c276-bdee-4e09-943e-39b45f3e7a07");
            //banned_commenters.Add("26ace590-d40e-4a03-a968-d160744437f5");

            if (banned_commenters.Contains(comment.commenterGuid))
            {
                _mailService.SendContact("Banned comment: <br><br>" + comment.commenterName + " (" + comment.commenterGuid + "): " + comment.commentMessage, "*****@*****.**");
                return;
            }

            banned_ips.Add("100.2.225.62");

            if(banned_ips.Contains(comment.commenterIP)) {
                //_mailService.SendContact("Banned comment (ip, " + comment.commenterIP + "): <br><br>" + comment.commenterName + " (" + comment.commenterGuid + "): " + comment.commentMessage, "*****@*****.**");
                return;
            }

            // if an ip starts with any one of these,
            // we're going to block these lamers.
            List<String> spammer_ips = new List<String>();
            spammer_ips.Add("65.49.14");
            spammer_ips.Add("111.118.37");
            spammer_ips.Add("119.226.253");
            spammer_ips.Add("79.123.220");
            spammer_ips.Add("58.22.10");
            spammer_ips.Add("218.108.85");
            spammer_ips.Add("202.121.96");
            spammer_ips.Add("110.170.46");
            spammer_ips.Add("219.141.240");
            spammer_ips.Add("46.105.114");
            spammer_ips.Add("124.158.1");
            spammer_ips.Add("137.175.118");
            spammer_ips.Add("93.115.94");
            spammer_ips.Add("213.175.167");

            List<Block> blocked_subnet_ips = _blockService.getBlocks(blockType.blockSubnet, blockWhat.blockComment);

            List<string> ban_list_v2 = new List<String>();

            foreach (Block b in blocked_subnet_ips)
            {
                ban_list_v2.Add(b.Value);
            }

            if(comment.commenterIP != null && spammer_ips.Any(rax=>comment.commenterIP.StartsWith(rax))) {
                //_mailService.SendContact("Spammer shut down, ip: " + comment.commenterIP, "*****@*****.**");
                return;
            }

            if (comment.commenterIP != null && ban_list_v2.Any(rax => comment.commenterIP.StartsWith(rax)))
            {
                string subnet_ip = ban_list_v2.Any(rax => comment.commenterIP.StartsWith(rax)).ToString();
                string blockedMsg = String.Format("blocked comment due to subnet (subnet: {0}, ip: {1}): <br /><br />{2}", subnet_ip, comment.commenterIP, comment.commentMessage);
                _mailService.SendContact(blockedMsg, "*****@*****.**");
                return;
            }

            if(comment.commentMessage != null && comment.commentMessage.Contains("mygardeningplace.com")) {
                _mailService.SendContact("mygardeningplace spam shut down.", "*****@*****.**");
                return;
            }

            if (comment.commentMessage != null && comment.commentMessage.Contains("mycraftingplace.com"))
            {
                _mailService.SendContact("mycraftingplace.com spam shut down.", "*****@*****.**");
                return;
            }

            if (comment.commentMessage != null && comment.commentMessage.Contains("bio2008.org"))
            {
                _mailService.SendContact("bio2008.org spam shut down.", "*****@*****.**");
                return;
            }

            if (comment.commentMessage != null && comment.commentMessage.Contains("countylinechiro.com"))
            {
                _mailService.SendContact("bio2008.org spam shut down.", "*****@*****.**");
                return;
            }

            if (comment.commentMessage != null && comment.commentMessage.Contains("cfnmtoob.com"))
            {
                _mailService.SendContact("cfnmtoob.com spam shut down.", "*****@*****.**");
                return;
            }

            //if (comment.commentMessage != null && comment.commentMessage.Contains("http://"))
            //{
            //    //_mailService.SendContact("link shut down: <br/>" + comment.commentMessage, "*****@*****.**");
            //    return;
            //}

            // /connect.masslive.com

            if (comment.commentMessage != null && comment.commentMessage.Contains("connect.masslive.com"))
            {
                //_mailService.SendContact("connect.masslive.com spam shut down.", "*****@*****.**");
                return;
            }

            //
            // sanitize the input
            //

            //
            // add some basic html to the comment to make it look better
            //

            string basic_text = comment.commentMessage;

            // first, we make sure that the first line
            // is a paragraph
            basic_text = "<p>" + basic_text;

            // then we make sure the last line closes it
            basic_text = basic_text + "</p>";

            // now all line breaks in the middle should
            // start new paragraphs
            basic_text = basic_text.Replace("\n", "</p><p>");

            comment.commentMessage = basic_text;

            if (comment.commenterName.Length == 0)
            {
                comment.commenterName = "anonymous lover";
            }

            // Send notifications before the latest comment is added.
            // this means the newest commenter does not get a notification,
            // which is what we want -- they already know they
            // have added a comment.
            SendNotifications(comment.letterId, host);

            _queryComments.AddComment(comment, lucky_letter);
        }