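        /// <summary>
        /// Posts a guestbook (board) entry for the current blog. Reads "commentContent" from the
        /// request, rejects empty or disallowed content, refuses when the blog's board is closed,
        /// and limits each session to one entry per 60 seconds.
        /// </summary>
        /// <returns>
        /// A JSON object { code, message }: 1 on success, -1 for empty or disallowed content,
        /// -999 when the board is closed (or the blog does not exist), -3 when this session
        /// posted less than 60 seconds ago.
        /// </returns>
        public ActionResult Comment()
        {
            // NOTE(review): this action writes data but is reachable via GET (JsonRequestBehavior.AllowGet);
            // restricting it to POST with an anti-forgery token would close the CSRF door.
            string commentContent = Request["commentContent"];

            if (string.IsNullOrEmpty(commentContent))
            {
                return(Json(new { code = -1, message = "请输入留言内容!" }, JsonRequestBehavior.AllowGet));
            }

            // A missing blog is treated like a closed board instead of dereferencing null.
            Blogs.Entity.blog_tb_blog blog = Utility.BlogBll.GetEntity(base.BlogID);
            if (blog == null || blog.IsCloseBoard)
            {
                return(Json(new { code = -999, message = "系统已经关闭留言!" }, JsonRequestBehavior.AllowGet));
            }

            if (!Utility.CommentBll.IsAllowCommentContent(commentContent))
            {
                return(Json(new { code = -1, message = "输入的内容有危险性!" }, JsonRequestBehavior.AllowGet));
            }

            // One timestamp for the whole request so the rate-limit check and the stored dates agree.
            DateTime now = DateTime.Now;

            // Session value is written below as a DateTime; Convert keeps tolerance for other stored forms.
            object   storedLastDate = Session["lastDate"];
            DateTime?lastDate       = storedLastDate == null ? (DateTime?)null : Convert.ToDateTime(storedLastDate);

            // NOTE(review): the limit is keyed on the session cookie only; a client that drops the
            // cookie starts fresh. Server-side throttling (per user/IP) is needed for real abuse protection.
            if (lastDate != null)
            {
                double elapsedSeconds = now.Subtract(lastDate.Value).TotalSeconds;
                if (elapsedSeconds <= 60)
                {
                    return(Json(new { code = -3, message = (60 - (int)elapsedSeconds + "秒内不能重复留言!") }, JsonRequestBehavior.AllowGet));
                }
            }

            Blogs.Entity.blog_tb_Board model = new Entity.blog_tb_Board();
            model.ID   = Guid.NewGuid().ToString("N");
            // NOTE(review): the original marked this line "html过滤" (HTML filter), but nothing is
            // filtered here beyond IsAllowCommentContent above; the content is stored verbatim, so
            // make sure Mark is HTML-encoded wherever it is rendered.
            model.Mark = commentContent;
            model.IP   = Utility.GetClientIP(HttpContext);

            model.UserID      = Utility.UserID;
            model.ADD_DATE    = now;
            model.UPDATE_DATE = now;

            Utility.BoardBll.Insert(model);

            Session["lastDate"] = now;

            return(Json(new { code = 1, message = "发布成功" }, JsonRequestBehavior.AllowGet));
        }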
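        /// <summary>
        /// Authorization filter. Lets requests under /Account through untouched, caches the
        /// current user's blog in session (refusing users who own no blog), and for
        /// unauthenticated users either redirects to the passport login page or completes a
        /// token login ("token" query-string parameter) by issuing a forms-authentication cookie.
        /// </summary>
        /// <param name="filterContext">The MVC authorization context of the current request.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the "PassportRootUrl" app setting is missing and a redirect to the passport is needed.
        /// </exception>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            HttpContextBase       context  = filterContext.HttpContext;
            HttpRequestBase       Request  = context.Request;
            HttpResponseBase      Response = context.Response;
            HttpServerUtilityBase Server   = context.Server;

            // Scheme + host + raw path/query (the earlier lower-cased copy of Request.Url was dead and is gone).
            // NOTE(review): Host comes from the request; if a proxy in front does not pin the Host header,
            // the BackUrl and the post-login redirect below carry whatever host the client sent - confirm
            // the front end restricts it.
            string url = Request.Url.Scheme + "://" + Request.Url.Host + Request.RawUrl;

            // An in-filter http->https 301 redirect was tried here once but did not behave behind nginx;
            // it is intentionally absent.

            // The Account area (login pages) is exempt from everything below. The host is escaped so its
            // dots match literally; an optional port is allowed.
            // NOTE(review): this is a prefix match on "/Account" and only covers the http scheme, exactly
            // as before - tighten if that is not intended.
            string accountPattern = "^http://" + Regex.Escape(Request.Url.Host) + "(:\\d+)?/Account";
            if (Regex.IsMatch(url, accountPattern, RegexOptions.IgnoreCase))
            {
                return;
            }

            // Resolve the current user's blog once per session; a logged-in user without a blog
            // gets a plain refusal and the request ends here.
            if (context.Session != null && context.Session["blog"] == null && !String.IsNullOrEmpty(UserInfo.UserID))
            {
                Blogs.Entity.blog_tb_blog blog = Utility.BlogBll.GetSingleBlogByUserID(UserInfo.UserID);
                if (blog == null)
                {
                    // NOTE(review): Response.End() aborts the request thread; the MVC-idiomatic form is to
                    // set filterContext.Result (a ContentResult) and return.
                    Response.ContentType = "text/html";
                    Response.Write("你无权管理该博客,<a href='http://user.kecq.com'>我的个人中心</a>");
                    Response.End();
                    return;
                }

                context.Session["blog"] = blog;
            }

            if (context.User == null || context.User.Identity.IsAuthenticated)
            {
                return;
            }

            string passportRoot = System.Configuration.ConfigurationManager.AppSettings["PassportRootUrl"];
            if (passportRoot == null)
            {
                throw new InvalidOperationException("AppSetting 'PassportRootUrl' is not configured.");
            }
            passportRoot = passportRoot.TrimEnd('/');

            // QueryString lookup is case-insensitive, so "token" and "Token" are the same parameter.
            string token = Request.QueryString["token"];
            if (String.IsNullOrEmpty(token))
            {
                // Not logged in and no passport token: go to the passport login page.
                // (A "&IsIngoreLogined=1" suffix used to be appended here; it is switched off because
                // one browser cannot be logged in as several users yet.)
                Response.Redirect(passportRoot + "/Login?BackUrl=" + Server.UrlEncode(url));
                return;
            }

            // Exchange the token for the user's credence at the passport service.
            string credenceJson = FYJ.Common.HttpHelper.DoGet(passportRoot + "/Login/TokenGetCredence?token=" + Server.UrlEncode(token));

            // A non-object or userName-less response counts as a failed exchange instead of a null dereference.
            JObject credence = String.IsNullOrEmpty(credenceJson) ? null : Newtonsoft.Json.JsonConvert.DeserializeObject(credenceJson) as JObject;
            string  userName = (credence == null || credence["userName"] == null) ? null : credence["userName"].ToString();

            // Drop the token from the URL we return to so it is not replayed or logged again.
            // NOTE(review): the pattern removes everything from the Token parameter to the end of the
            // URL, so any parameters after it are lost as well (kept as in the original).
            url = Regex.Replace(url, @"(\?|&)Token=.*", "", RegexOptions.IgnoreCase);

            if (userName == null)
            {
                // Token exchange failed: back to the passport login page (the "BackURL" casing is kept as-is).
                Response.Redirect(passportRoot + "/Login?BackURL=" + Server.UrlEncode(url));
                return;
            }

            // Roles are derived from the user name the passport returned; "admin" also gets the administrator role.
            string userRole = userName == "admin" ? "管理员,会员" : "会员";

            // Build the forms-authentication ticket, encrypt it as configured in web.config and hand it
            // to the client as a cookie. The ticket name carries the raw credence JSON (kept as-is;
            // presumably parsed downstream - verify before changing).
            // NOTE(review): the ticket is persistent and expires at DateTime.MaxValue, i.e. never;
            // consider a bounded lifetime.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, credenceJson, DateTime.Now, DateTime.MaxValue, true, userRole, "/");
            HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
            authCookie.HttpOnly = true;   // the ticket is only read server-side; keep it out of reach of script
            Response.Cookies.Add(authCookie);

            // Logged in: land on the originally requested page, minus the token.
            Response.Redirect(url);
        }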