예제 #1
0
        private void AuditComment(Comment comment)
        {
            NameValueCollection parameters = HttpUtility.ParseQueryString(String.Empty);
            parameters.Add("blog", baseUrl + "/");
            parameters.Add("user_ip", comment.Author.IpAddress);
            parameters.Add("user_agent", comment.Author.UserAgent);
            parameters.Add("referrer", comment.Referrer);
            parameters.Add("permalink", String.Format("{0}/{1}/", baseUrl, comment.PostName));
            parameters.Add("comment_type", "comment");
            parameters.Add("comment_author", comment.Author.Name);
            parameters.Add("comment_author_email", comment.Author.Email);
            parameters.Add("comment_content", transformer.Transform(comment.Content));

            // 至少要有一个非ASCII字符
            bool isSpam = comment.Content.All(c => c <= 255);

            if (!isSpam) {
                isSpam = CheckSpam(parameters.ToString());
            }

            if (!isSpam) {
                parameters.Set("comment_content", comment.Content);
                isSpam = CheckSpam(parameters.ToString());
            }

            if (isSpam) {
                comment.Audited = false;
                session.Update(comment);
            }
        }
예제 #2
0
 public void Process(Comment comment)
 {
     AuditComment(comment);
     if (comment.Audited && comment.Target.HasValue) {
         NotifyReplyTarget(comment);
     }
 }
예제 #3
0
 private CommentView RenderComment(Comment comment, IDictionary<int, string> authors)
 {
     CommentView view = new CommentView() {
         Id = comment.Id,
         Author = comment.Author,
         Content = SafeTransformer.Transform(comment.Content),
         PostName = comment.PostName,
         PostTime = comment.PostTime,
         Target = comment.Target
     };
     if (view.Target.HasValue) {
         view.TargetAuthorName = authors[view.Target.Value];
     }
     return view;
 }
예제 #4
0
 private static void ProcessComment(Comment comment, IKernel Kernel)
 {
     using (CommentProcessor processor = Kernel.Get<CommentProcessor>()) {
         processor.Process(comment);
     }
 }
예제 #5
0
        public ActionResult PostComment(Comment comment)
        {
            comment.Author.Name = comment.Author.Name.Trim();
            comment.Author.Email = comment.Author.Email.Trim();

            // 验证
            if (String.IsNullOrEmpty(comment.Author.Name) ||
                comment.Author.Name.Length > 60) {
                ModelState.AddModelError("name", validationMessages["name"]);
            }
            if (String.IsNullOrEmpty(comment.Author.Email) ||
                comment.Author.Email.Length > 100 ||
                !emailRule.IsMatch(comment.Author.Email)) {
                ModelState.AddModelError("email", validationMessages["email"]);
            }
            if (String.IsNullOrEmpty(comment.Content.Trim())) {
                ModelState.AddModelError("content", validationMessages["content"]);
            }

            if (!ModelState.IsValid) {
                if (Request.IsAjaxRequest()) {
                    Dictionary<string, string> result = ModelState
                        .Where(m => m.Value.Errors.Any())
                        .ToDictionary(m => m.Key, m => m.Value.Errors[0].ErrorMessage);
                    return new NewtonJsonActionResult(result);
                }
                else {
                    PostEntry entry = DbSession.QueryOver<PostEntry>()
                        .Where(p => p.Name == comment.PostName)
                        .SingleOrDefault();
                    entry = RenderEntry(entry);
                    ViewBag.Comment = comment;
                    ViewBag.Title = String.Format("{0} - 宅居 - 宅并技术着", entry.Title);
                    return View("ViewPost", entry);
                }
            }

            comment.PostTime = DateTime.Now;
            comment.Author.IpAddress = Request.UserHostAddress;
            comment.Author.UserAgent = Request.UserAgent;
            comment.Audited = true; // 默认为已审核,有需要的再屏蔽
            comment.Referrer = Request.UrlReferrer == null ? String.Empty : Request.UrlReferrer.ToString();
            if (comment.Referrer.Length > 200) {
                comment.Referrer = comment.Referrer.Substring(0, 200);
            }

            Dictionary<int, string> targetAuthor = new Dictionary<int, string>();
            if (comment.Target.HasValue) {
                Comment target = DbSession.Get<Comment>(comment.Target);
                // 防止CSRF攻击,评论只能评论同一文章下的
                if (target == null || target.PostName != comment.PostName) {
                    comment.Target = null;
                }
                else {
                    targetAuthor[comment.Target.Value] = target.Author.Name;
                }
            }

            DbSession.Save(comment);

            // 审核评论要有网络交互,异步进行不影响用户收到响应
            Task task = new Task(() => ProcessComment(comment, Kernel)); ;
            task.Start();

            if (Request.IsAjaxRequest()) {
                CommentView commentView = RenderComment(comment, targetAuthor);
                ViewResult view = View("Comment", commentView);
                return new CreatedActionResult(Url.Content("~/" + comment.PostName), view);
            }
            else {
                return Redirect(Url.Content("~/" + comment.PostName + "/"));
            }
        }
예제 #6
0
 private CommentAuditionView RenderCommentView(Comment comment, IDictionary<string, PostExcerpt> posts)
 {
     return new CommentAuditionView() {
         Id = comment.Id,
         Audited = comment.Audited,
         Author = comment.Author,
         Content = SafeTransformer.Transform(comment.Content),
         Post = posts[comment.PostName],
         PostName = comment.PostName,
         PostTime = comment.PostTime,
         Target = comment.Target
     };
 }
예제 #7
0
 private void NotifyReplyTarget(Comment comment)
 {
     Comment replyTarget = session.Get<Comment>(comment.Target.Value);
     PostExcerpt post = session.Get<PostExcerpt>(comment.PostName);
     if (replyTarget != null) {
         MailMessage message = new MailMessage(
             new MailAddress(email, siteName),
             new MailAddress(replyTarget.Author.Email, replyTarget.Author.Name)
         );
         message.Subject = String.Format("你在 {0} 的评论收到了回复", post.Title);
         message.Body = String.Format(
             template,
             replyTarget.Author.Name, post.Title,
             transformer.Transform(replyTarget.Content),
             comment.Author.Name,
             transformer.Transform(comment.Content),
             baseUrl, post.Name, comment.Id
         );
         message.IsBodyHtml = true;
         message.SubjectEncoding = Encoding.UTF8;
         message.BodyEncoding = Encoding.UTF8;
         using (SmtpClient client = new SmtpClient()) {
             client.Send(message);
         }
     }
 }