/// <summary>
/// Sanitises a bound string value and records a model error when nothing survives.
/// </summary>
/// <param name="bindingContext">Binding context whose ModelState receives the validation error.</param>
/// <param name="inputValue">Raw value taken from the request.</param>
/// <param name="cleanHtml">
/// true to keep markup and pass it through HtmlUtility.CleanHtml at the HtmlEditor trust level;
/// false to strip markup and run the multi-line plain-text storage formatter.
/// </param>
/// <returns>The sanitised value; null or empty input is returned unchanged.</returns>
private string formatInputValue(ModelBindingContext bindingContext, string inputValue, bool cleanHtml)
{
    // Nothing to sanitise.
    if (string.IsNullOrEmpty(inputValue))
    {
        return inputValue;
    }

    string sanitized;
    if (!cleanHtml)
    {
        // Plain-text field: drop the markup, then apply the multi-line plain-text formatter.
        sanitized = HtmlUtility.StripHtml(inputValue, true, false);
        sanitized = Formatter.FormatMultiLinePlainTextForStorage(sanitized, false);
    }
    else
    {
        // Rich-text field: keep only what the HtmlEditor trust level allows.
        sanitized = HtmlUtility.CleanHtml(inputValue, TrustedHtmlLevel.HtmlEditor);
    }

    // NOTE(review): StripSQLInjection is not visible here. Stripping input should be treated as
    // defence in depth only; confirm the data layer uses parameterised queries.
    sanitized = StringUtility.StripSQLInjection(sanitized);

    // Input that was non-empty but is empty after sanitising is reported as untrusted.
    if (string.IsNullOrEmpty(sanitized))
    {
        bindingContext.ModelState.AddModelError("UnTrustedHtml", "内容未通过验证或包含非法字符如<、>!");
    }

    return sanitized;
}
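/// <summary>
/// Converts this edit model into a BarPost: loads the existing post when PostId is set,
/// otherwise creates a new one for the current user (or an anonymous author).
/// </summary>
/// <returns>The post to save, or null when PostId is set but no such post exists.</returns>
public BarPost AsBarPost()
{
    BarThread thread = new BarThreadService().Get(this.ThreadId);
    BarPostService service = new BarPostService();
    BarPost post;

    if (this.PostId.HasValue)
    {
        // Editing an existing post.
        // NOTE(review): no ownership or permission check is visible in this method;
        // presumably the caller authorises the edit - confirm.
        post = service.Get(this.PostId.Value);
        if (post == null)
        {
            return null;
        }
    }
    else
    {
        // Creating a new post.
        post = BarPost.New();
        post.AuditStatus = AuditStatus.Success;

        // The thread lookup may return null (OwnerId and SectionId below already allow for it),
        // so TenantTypeId must be guarded as well instead of dereferencing a null thread.
        // NOTE(review): a missing thread leaves TenantTypeId at whatever BarPost.New() set;
        // callers should confirm the thread exists before saving.
        if (thread != null)
        {
            post.TenantTypeId = thread.TenantTypeId;
        }
        post.ThreadId = this.ThreadId;

        if (UserContext.CurrentUser != null)
        {
            post.UserId = UserContext.CurrentUser.UserId;
            post.Author = UserContext.CurrentUser.DisplayName;
        }
        else
        {
            // Not signed in: store the anonymous author.
            post.UserId = 0;
            post.Author = "匿名用户";
        }

        post.OwnerId = thread == null ? 0 : thread.OwnerId;
        post.SectionId = thread == null ? 0 : thread.SectionId;
        post.ParentId = this.ParentId;
    }

    if (!string.IsNullOrEmpty(this.Body))
    {
        // NOTE(review): Body is stored without sanitising in this method; presumably it was
        // already cleaned during model binding - confirm before rendering it as HTML.
        post.Body = this.Body;
    }
    else
    {
        // Multi-line body: clean at the Basic trust level, then expand emoticons.
        // This also updates MultilineBody on the edit model itself.
        this.MultilineBody = HtmlUtility.CleanHtml(this.MultilineBody, TrustedHtmlLevel.Basic);
        this.MultilineBody = new EmotionService().EmoticonTransforms(this.MultilineBody);
        post.Body = this.MultilineBody;
    }

    return post;
}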
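/// <summary>
/// Converts this edit model into a Message for database storage.
/// </summary>
/// <returns>
/// A new unread Message whose body has been passed through the sensitive-word filter and
/// HtmlUtility.CleanHtml at the Basic trust level; sender fields are set when a user is signed in.
/// </returns>
public Message AsMessage()
{
    // Filter and clean the body. The cleaned text has to be what is stored: previously the
    // filter result was overwritten and the raw Body was assigned to the message, so neither
    // step had any effect on the stored content.
    // NOTE(review): a Banned filter status is not acted on here; confirm the caller rejects
    // banned content before calling this method.
    WordFilterStatus status = WordFilterStatus.Replace;
    string newBody = WordFilter.SensitiveWordFilter.Filter(this.Body, out status);
    newBody = HtmlUtility.CleanHtml(newBody, TrustedHtmlLevel.Basic);

    Message message = Message.New();
    // NOTE(review): Subject is stored as submitted; presumably it is encoded when rendered - confirm.
    message.Subject = this.Subject;
    message.Body = newBody;
    message.IsRead = false;

    IUser user = UserContext.CurrentUser;
    if (user != null)
    {
        message.Sender = user.DisplayName;
        message.SenderUserId = user.UserId;
    }

    return message;
}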
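/// <summary>
/// Filters content: applies the sensitive-word filter, then cleans the HTML at the Basic trust level.
/// </summary>
/// <param name="body">Content to filter.</param>
/// <param name="isBanned">Set to true when the word filter reports that the content must not be submitted.</param>
/// <returns>
/// The filtered and cleaned content. Null or empty input is returned unchanged. When
/// <paramref name="isBanned"/> is true the ORIGINAL, unfiltered content is returned, so the
/// caller must reject the submission rather than store the return value.
/// </returns>
private string TextFilter(string body, out bool isBanned)
{
    isBanned = false;
    if (string.IsNullOrEmpty(body))
    {
        return body;
    }

    WordFilterStatus status = WordFilterStatus.Replace;
    string filtered = WordFilter.SensitiveWordFilter.Filter(body, out status);
    if (status == WordFilterStatus.Banned)
    {
        isBanned = true;
        return body;
    }

    // Strings are immutable, so the result of CleanHtml has to be kept; the earlier code
    // discarded it and returned content that had never been cleaned.
    return HtmlUtility.CleanHtml(filtered, TrustedHtmlLevel.Basic);
}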
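/// <summary>
/// Binds the value with the base binder, then applies sensitive-word filtering to string and
/// string-array values and, for properties carrying a DataTypeAttribute, multi-line plain-text
/// formatting or HTML cleaning.
/// </summary>
/// <param name="controllerContext">Controller context; supplies the route data and value provider.</param>
/// <param name="bindingContext">Binding context; supplies the model name, type, metadata and ModelState.</param>
/// <returns>
/// The filtered string or string array, or the value from the base binder unchanged when it is
/// null, comes from route data, is empty, or is not a string or string array.
/// </returns>
public override object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext)
{
    var value = base.BindModel(controllerContext, bindingContext);
    if (value == null)
    {
        return value;
    }

    // Values whose name is present in the route data are returned untouched.
    if (controllerContext.RouteData.Values.ContainsKey(bindingContext.ModelName))
    {
        return value;
    }

    string[] tempArray = null;
    if (bindingContext.ModelType.FullName.Contains("System.String") && value is Array)
    {
        tempArray = (string[])value;
    }

    bool hasArrayContent = tempArray != null && tempArray.Length > 0;
    bool hasStringContent = value is string && !string.IsNullOrEmpty(value as string);
    if (!hasArrayContent && !hasStringContent)
    {
        return value;
    }

    if (!(controllerContext.Controller.ValueProvider.ContainsPrefix(bindingContext.ModelName) || bindingContext.ModelMetadata.ContainerType != null))
    {
        return value;
    }

    // Sensitive-word handling.
    WordFilterStatus status = WordFilterStatus.Banned;

    if (hasArrayContent)
    {
        // NOTE(review): array elements only pass through the word filter; no HTML cleaning and
        // no NoFilterWordAttribute lookup happens on this path.
        for (int i = 0; i < tempArray.Length; i++)
        {
            tempArray[i] = WordFilter.SensitiveWordFilter.Filter(tempArray[i], out status);
            if (status == WordFilterStatus.Banned)
            {
                bindingContext.ModelState.AddModelError("SensitiveWord", "内容未通过验证或包含非法词语!");
                break;
            }
        }
        return tempArray;
    }

    string tempValue = (value as string).Trim();

    Type type = bindingContext.ModelMetadata.ContainerType;
    PropertyInfo propertyInfo = null;
    if (type != null)
    {
        // Look the property up by its own name. ModelName carries the binding prefix
        // ("prefix.Property") when the model is bound under one, in which case GetProperty
        // returns null and the attribute-driven filtering and cleaning below is silently skipped.
        string propertyName = bindingContext.ModelMetadata.PropertyName;
        if (string.IsNullOrEmpty(propertyName))
        {
            propertyName = bindingContext.ModelName;
        }
        propertyInfo = type.GetProperty(propertyName);
    }

    var noFilterWordAttribute = propertyInfo != null
        ? Attribute.GetCustomAttribute(propertyInfo, typeof(NoFilterWordAttribute)) as NoFilterWordAttribute
        : null;
    if (noFilterWordAttribute == null)
    {
        tempValue = WordFilter.SensitiveWordFilter.Filter(tempValue, out status);
        if (status == WordFilterStatus.Banned)
        {
            bindingContext.ModelState.AddModelError("SensitiveWord", "内容未通过验证或包含非法词语!");
            return tempValue;
        }
    }

    // NOTE(review): a string with no resolvable property or no DataTypeAttribute leaves this
    // method without any HTML handling; such values must be encoded when rendered.
    if (propertyInfo != null)
    {
        var dataTypeAttribute = Attribute.GetCustomAttribute(propertyInfo, typeof(DataTypeAttribute)) as DataTypeAttribute;
        if (dataTypeAttribute != null)
        {
            if (dataTypeAttribute.DataType == DataType.MultilineText)
            {
                // Multi-line plain text.
                tempValue = Formatter.FormatMultiLinePlainTextForStorage(tempValue, false);
            }
            else if (dataTypeAttribute.DataType == DataType.Html)
            {
                // Rich text: keep only what the HtmlEditor trust level allows.
                tempValue = HtmlUtility.CleanHtml(tempValue, TrustedHtmlLevel.HtmlEditor);
            }
        }
    }

    return tempValue;
}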