public void OnGet(int?id)
{
if (id != null)
{
Current = _db.Articles.Find(id);
}
if (Current == null)
{
Current = _db.Articles.OrderByDescending(a => a.Id).Take(1).Single();
}
Current.ViewCount++;
#if DEBUG
#else
_db.SaveChanges();
#endif
var comments = _db.Entry(Current)
.Collection(a => a.Comments)
.Query()
.Where(c => c.Status == (int)Comment.StatusType.Verified)
.ToList();
Current.Comments = comments;
}
public IActionResult Login(string username, string password)
{
if (HttpContext.Session.Get("UUID") != null)
{
return(NoContent());
}
if (username.Length > 20 || password.Length > 20)
{
return(BadRequest());
}
Visit v;
if (username == Config.Current.Admin.Username && password == Config.Current.Admin.Password)
{
HttpContext.Session.SetString("UUID", Guid.NewGuid().ToString());
v = Utility.Log(Request, "Login Ok");
_db.Visits.Add(v);
_db.SaveChanges();
return(Ok());
}
v = Utility.Log(Request, "Login Failed : " + username + " : " + password);
_db.Visits.Add(v);
_db.SaveChanges();
return(NotFound());
}
public IActionResult Index()
{
#if DEBUG
return(Ok());
#endif
var v = Utility.Log(Request, "Page View");
_db.Visits.Add(v);
_db.SaveChanges();
return(Ok());
}
public IActionResult Comment(int id, string email, string name, string subject, string content)
{
if (email == null || !Regex.IsMatch(email, "\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*"))
{
return(BadRequest("Bad email format."));
}
if (name == null || name.Length > 50)
{
return(BadRequest("Name too long."));
}
if (subject == null || subject.Length > 50)
{
return(BadRequest("Subject too long."));
}
if (content == null || content.Length > 255)
{
return(BadRequest("Content too long."));
}
name = Utility.Sanitize(name);
subject = Utility.Sanitize(subject);
content = Utility.Sanitize(content);
var comment = new Comment
{
ArticleId = id,
Email = email,
Author = name,
Subject = subject,
Content = content
};
_db.Comments.Add(comment);
try
{
_db.SaveChanges();
return(Ok());
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}