/// <summary> /// 验证邮箱验证码 /// </summary> /// <param name="mailSender"></param> /// <param name="email">邮箱地址</param> /// <param name="code">验证码</param> /// <returns></returns> internal async Task <string> ValidateEmailCode(IMailSender mailSender, string email, string code) { if (CurrentUser.IsAdmin) { return(string.Empty);; } if (string.IsNullOrEmpty(Request.Cookies["ValidateKey"])) { if (string.IsNullOrEmpty(code)) { return("请输入验证码!"); } if (await RedisHelper.GetAsync("code:" + email) != code) { return("验证码错误!"); } } else if (Request.Cookies["ValidateKey"].DesDecrypt(AppConfig.BaiduAK) != email) { Response.Cookies.Delete("Email"); Response.Cookies.Delete("NickName"); Response.Cookies.Delete("ValidateKey"); return("邮箱验证信息已失效,请刷新页面后重新评论!"); } if (mailSender.HasBounced(email)) { Response.Cookies.Delete("Email"); Response.Cookies.Delete("NickName"); Response.Cookies.Delete("ValidateKey"); return("邮箱地址错误,请刷新页面后重新使用有效的邮箱地址!"); } return(string.Empty); }
public async Task <ActionResult> Submit([FromServices] IInternalMessageService messageService, [FromServices] IMailSender mailSender, CommentCommand dto) { var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex); if (match.Success) { LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}"); return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } if (mailSender.HasBounced(dto.Email) || (!CurrentUser.IsAdmin && dto.Email.EndsWith(CommonHelper.SystemSettings["Domain"]))) { Response.Cookies.Delete("Email"); Response.Cookies.Delete("QQorWechat"); Response.Cookies.Delete("NickName"); return(ResultData(null, false, "邮箱地址错误,请刷新页面后重新使用有效的邮箱地址!")); } Post post = await PostService.GetByIdAsync(dto.PostId) ?? throw new NotFoundException("评论失败,文章未找到"); if (post.DisableComment) { return(ResultData(null, false, "本文已禁用评论功能,不允许任何人回复!")); } dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty); if (CommentFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2) { CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!")); } var comment = dto.Mapper <Comment>(); if (Regex.Match(dto.NickName + dto.Content, CommonHelper.ModRegex).Length <= 0) { comment.Status = Status.Published; } comment.CommentDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { comment.NickName = user.NickName; comment.QQorWechat = user.QQorWechat; comment.Email = user.Email; if (user.IsAdmin) { comment.Status = Status.Published; comment.IsMaster = true; } } comment.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes(); comment.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent]; comment.IP = ClientIP; comment.Location = Request.Location(); comment = CommentService.AddEntitySaved(comment); if (comment == null) { return(ResultData(null, false, "评论失败")); } Response.Cookies.Append("Email", comment.Email, new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); Response.Cookies.Append("QQorWechat", comment.QQorWechat + "", new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); Response.Cookies.Append("NickName", comment.NickName, new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); CommentFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5); CommentFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); var emails = new HashSet <string>(); var email = CommonHelper.SystemSettings["ReceiveEmail"]; //站长邮箱 emails.Add(email); var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")) .Set("title", post.Title) .Set("time", DateTime.Now.ToTimeZoneF(HttpContext.Session.Get <string>(SessionKey.TimeZone))) .Set("nickname", comment.NickName) .Set("content", comment.Content); if (comment.Status == Status.Published) { if (!comment.IsMaster) { await messageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{comment.NickName}】在文章《{post.Title}》的新评论", Content = comment.Content, Link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }) + "#comment" }); } if (comment.ParentId == 0) { emails.Add(post.Email); emails.Add(post.ModifierEmail); //新评论,只通知博主和楼主 foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论:", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false), s, ClientIP)); } } else { //通知博主和上层所有关联的评论访客 var pid = CommentService.GetParentCommentIdByChildId(comment.Id); emails.AddRange(CommentService.GetSelfAndAllChildrenCommentsByParentId(pid).Select(c => c.Email).ToArray()); emails.AddRange(post.Email, post.ModifierEmail); emails.Remove(comment.Email); string link = Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment"; foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]}文章评论回复:", content.Set("link", link).Render(false), s, ClientIP)); } } return(ResultData(null, true, "评论发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将显示到评论列表中")); } foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客文章新评论(待审核):", content.Set("link", Url.Action("Details", "Post", new { id = comment.PostId, cid = comment.Id }, Request.Scheme) + "#comment").Render(false) + "<p style='color:red;'>(待审核)</p>", s, ClientIP)); } return(ResultData(null, true, "评论成功,待站长审核通过以后将显示")); }
public async Task <ActionResult> Submit([FromServices] IMailSender mailSender, LeaveMessageCommand dto) { var match = Regex.Match(dto.NickName + dto.Content.RemoveHtmlTag(), CommonHelper.BanRegex); if (match.Success) { LogManager.Info($"提交内容:{dto.NickName}/{dto.Content},敏感词:{match.Value}"); return(ResultData(null, false, "您提交的内容包含敏感词,被禁止发表,请检查您的内容后尝试重新提交!")); } if (mailSender.HasBounced(dto.Email) || (!CurrentUser.IsAdmin && dto.Email.EndsWith(CommonHelper.SystemSettings["Domain"]))) { Response.Cookies.Delete("Email"); Response.Cookies.Delete("QQorWechat"); Response.Cookies.Delete("NickName"); return(ResultData(null, false, "邮箱地址错误,请刷新页面后重新使用有效的邮箱地址!")); } dto.Content = dto.Content.Trim().Replace("<p><br></p>", string.Empty); if (MsgFeq.GetOrAdd("Comments:" + ClientIP, 1) > 2) { MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); return(ResultData(null, false, "您的发言频率过快,请稍后再发表吧!")); } var msg = dto.Mapper <LeaveMessage>(); if (Regex.Match(dto.NickName + dto.Content, CommonHelper.ModRegex).Length <= 0) { msg.Status = Status.Published; } msg.PostDate = DateTime.Now; var user = HttpContext.Session.Get <UserInfoDto>(SessionKey.UserInfo); if (user != null) { msg.NickName = user.NickName; msg.QQorWechat = user.QQorWechat; msg.Email = user.Email; if (user.IsAdmin) { msg.Status = Status.Published; msg.IsMaster = true; } } msg.Content = dto.Content.HtmlSantinizerStandard().ClearImgAttributes(); msg.Browser = dto.Browser ?? Request.Headers[HeaderNames.UserAgent]; msg.IP = ClientIP; msg.Location = Request.Location(); msg = LeaveMessageService.AddEntitySaved(msg); if (msg == null) { return(ResultData(null, false, "留言发表失败!")); } Response.Cookies.Append("Email", msg.Email, new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); Response.Cookies.Append("QQorWechat", msg.QQorWechat + "", new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); Response.Cookies.Append("NickName", msg.NickName, new CookieOptions() { Expires = DateTimeOffset.Now.AddYears(1), SameSite = SameSiteMode.Lax }); MsgFeq.AddOrUpdate("Comments:" + ClientIP, 1, i => i + 1, 5); MsgFeq.Expire("Comments:" + ClientIP, TimeSpan.FromMinutes(1)); var email = CommonHelper.SystemSettings["ReceiveEmail"]; var content = new Template(await System.IO.File.ReadAllTextAsync(HostEnvironment.WebRootPath + "/template/notify.html")).Set("title", "网站留言板").Set("time", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")).Set("nickname", msg.NickName).Set("content", msg.Content); if (msg.Status == Status.Published) { if (!msg.IsMaster) { await MessageService.AddEntitySavedAsync(new InternalMessage() { Title = $"来自【{msg.NickName}】的新留言", Content = msg.Content, Link = Url.Action("Index", "Msg", new { cid = msg.Id }) }); } if (msg.ParentId == 0) { //新评论,只通知博主 BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言:", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false), email, ClientIP)); } else { //通知博主和上层所有关联的评论访客 var pid = LeaveMessageService.GetParentMessageIdByChildId(msg.Id); var emails = LeaveMessageService.GetSelfAndAllChildrenMessagesByParentId(pid).Select(c => c.Email).Append(email).Except(new[] { msg.Email }).ToHashSet(); string link = Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme); foreach (var s in emails) { BackgroundJob.Enqueue(() => CommonHelper.SendMail($"{Request.Host}{CommonHelper.SystemSettings["Title"]} 留言回复:", content.Set("link", link).Render(false), s, ClientIP)); } } return(ResultData(null, true, "留言发表成功,服务器正在后台处理中,这会有一定的延迟,稍后将会显示到列表中!")); } BackgroundJob.Enqueue(() => CommonHelper.SendMail(Request.Host + "|博客新留言(待审核):", content.Set("link", Url.Action("Index", "Msg", new { cid = msg.Id }, Request.Scheme)).Render(false) + "<p style='color:red;'>(待审核)</p>", email, ClientIP)); return(ResultData(null, true, "留言发表成功,待站长审核通过以后将显示到列表中!")); }