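/// <summary>
/// Adds a comment, with optional attachments, to a forum endpoint and redirects back to that endpoint.
/// </summary>
/// <param name="model">Posted form: endpoint id and name, author e-mail, comment text and uploaded files.</param>
/// <returns>
/// A redirect to <c>ForumEndpoint</c>; validation failures travel in the <c>Errors</c> route value.
/// <c>NotFound</c> when the endpoint id matches nothing, <c>BadRequest</c> when the author e-mail matches no user.
/// </returns>
/// <remarks>
/// NOTE(review): the author is resolved from an e-mail carried in the posted model. If that field is
/// client-editable, a user can post under another account; prefer the authenticated principal. Confirm how the form fills it.
/// NOTE(review): attachments land under the web root with no extension or content-type allow-list, so an
/// uploaded .html/.svg would be served from the site's own origin. Consider storage outside wwwroot plus a download action.
/// NOTE(review): the stored text is HTML-encoded here on the assumption that the view emits it as raw HTML
/// (it carries &lt;br&gt; markup). Confirm against the view.
/// </remarks>
public async Task<IActionResult> CreateComment(ForumEndPointViewModel model)
{
    // Files of this size (10 MiB) or larger are rejected.
    const long maxUploadBytes = 10485760;

    List<string> errors = new List<string>();

    if (!ModelState.IsValid)
    {
        errors.Add("Комментарий не может быть пустым");
        return RedirectToAction("ForumEndpoint", new { EndpointId = model.EndpointId, Errors = errors });
    }

    var text = model.CommentText ?? string.Empty;

    // Courtesy message only: a substring blocklist cannot make markup safe (case variants, attributes,
    // event handlers on other tags). The HTML-encoding below is what neutralises user markup.
    if (text.IndexOf("<script>", System.StringComparison.Ordinal) != -1
        || text.IndexOf("</script>", System.StringComparison.Ordinal) != -1)
    {
        errors.Add("Теги <script> запрещены!");
        return RedirectToAction("ForumEndpoint", new { EndpointId = model.EndpointId, Errors = errors });
    }

    // Validate every upload before touching the disk, so a late oversize file cannot leave
    // earlier files of the same request orphaned on disk.
    var uploads = model.CommentUploadedFiles;
    if (uploads != null)
    {
        foreach (IFormFile candidate in uploads)
        {
            if (candidate.Length >= maxUploadBytes)
            {
                errors.Add("Нельзя загружать файлы свыше 10 Мегабайт.");
                return RedirectToAction("ForumEndpoint", new { EndpointId = model.EndpointId, Errors = errors });
            }
        }
    }

    var parent = await (from e in DBContext.ForumEndpoints
                        where e.Id.ToString() == model.EndpointId
                        select e).FirstOrDefaultAsync();
    if (parent == null)
    {
        return NotFound();
    }

    // Invariant upper-casing: culture-sensitive ToUpper() can mis-normalise (e.g. Turkish dotted i).
    var normalizedEmail = (model.CommentCreatorEmail ?? string.Empty).ToUpperInvariant();
    var creator = await (from u in DBContext.Users
                         where u.NormalizedEmail == normalizedEmail
                         select u).FirstOrDefaultAsync();
    if (creator == null)
    {
        return BadRequest();
    }

    // Encode first, then add the only markup we generate ourselves.
    var safeText = System.Net.WebUtility.HtmlEncode(text).Replace("\n", "<br>");

    var newComment = new EForumComment()
    {
        CreatorId = creator.Id,
        CreatorEmail = creator.Email,
        CreatorFio = creator.FIO,
        CreationDate = System.DateTime.Now,
        ParentEndpoint = parent,
        Text = safeText, // previously the raw model text was stored and safeText was never used
        PinnedFiles = new List<EForumFile>()
    };

    if (uploads != null)
    {
        // EndpointName comes from the request: strip path separators and other invalid characters
        // so it can only ever name a single directory level under CFiles.
        var folderName = string.Join("_", (model.EndpointName ?? string.Empty).Split(Path.GetInvalidFileNameChars()));
        string outfolder = environment.WebRootPath + "/ForumFiles/CFiles/" + folderName + "_"
            + System.DateTime.Now.ToString("s").Replace(":", "-") + "/";
        Directory.CreateDirectory(outfolder); // no-op when the directory already exists

        foreach (IFormFile file in uploads)
        {
            // IFormFile.FileName is client-supplied and may carry directory parts; keep the leaf only.
            var safeName = Path.GetFileName((file.FileName ?? string.Empty).Replace('\\', '/'));
            if (string.IsNullOrEmpty(safeName) || safeName == "." || safeName == "..")
            {
                continue; // nothing usable to name the file with
            }

            var outpath = outfolder + safeName;
            using (var fileStream = new FileStream(outpath, FileMode.Create))
            {
                await file.CopyToAsync(fileStream);
            }

            var efile = new EForumFile()
            {
                Name = safeName,
                Path = outpath,
                TypeOfParent = 2,
                ForumComment = newComment
            };
            DBContext.ForumFiles.Add(efile);
            newComment.PinnedFiles.Add(efile);
        }
    }

    DBContext.ForumComments.Add(newComment);
    await DBContext.SaveChangesAsync();

    return RedirectToAction("ForumEndpoint", new { EndpointId = model.EndpointId });
}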
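/// <summary>
/// Replaces the text of an existing forum comment, appends an "edited" marker and stores any newly uploaded attachments.
/// </summary>
/// <param name="model">Posted form: comment id, endpoint id, new comment text and uploaded files.</param>
/// <returns>
/// A redirect to <c>ForumEndpoint</c> on success; the edit view with model errors on validation failure;
/// <c>NotFound</c> when the comment (or, when a new upload folder is needed, the endpoint) does not exist.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method checks that the caller is the comment's author or a moderator.
/// Unless an attribute or filter outside this view enforces it, anyone who can post the form can rewrite any comment by id.
/// NOTE(review): the stored text is HTML-encoded here on the assumption that the view emits it as raw HTML.
/// If the edit form is prefilled with the stored Text, decode it and drop the old marker first, otherwise
/// earlier &lt;br&gt;/marker markup comes back as literal text. Confirm against the views.
/// NOTE(review): attachments land under the web root with no extension or content-type allow-list, and a
/// new file with the same name as an existing attachment overwrites it on disk (FileMode.Create).
/// </remarks>
public async Task<IActionResult> EditForumComment(EditForumCommentViewModel model)
{
    // Files of this size (10 MiB) or larger are rejected.
    const long maxUploadBytes = 10485760;

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var text = model.CommentText ?? string.Empty;

    // Courtesy message only: a substring blocklist cannot make markup safe.
    // The HTML-encoding below is what neutralises user markup.
    if (text.IndexOf("<script>", System.StringComparison.Ordinal) != -1
        || text.IndexOf("</script>", System.StringComparison.Ordinal) != -1)
    {
        ModelState.AddModelError("scripts", "Теги <script> запрещены!");
        return View(model);
    }

    // Validate every upload before writing anything, so a late oversize file cannot leave
    // earlier files of the same request orphaned on disk.
    var uploads = model.CommentUploadedFiles;
    if (uploads != null)
    {
        foreach (IFormFile candidate in uploads)
        {
            if (candidate.Length >= maxUploadBytes)
            {
                ModelState.AddModelError("FileTooBig", "Нельзя загружать файлы свыше 10 Мегабайт.");
                return View(model);
            }
        }
    }

    var comment = await (from e in DBContext.ForumComments.Include(f => f.PinnedFiles)
                         where e.Id.ToString() == model.CommentId
                         select e).FirstOrDefaultAsync();
    if (comment == null)
    {
        return NotFound();
    }

    var parentEndpoint = await (from e in DBContext.ForumEndpoints.Include(c => c.Comments)
                                where e.Id.ToString() == model.EndpointId
                                select e).FirstOrDefaultAsync();

    // Encode first, then add the only markup we generate ourselves.
    var safeText = System.Net.WebUtility.HtmlEncode(text).Replace("\n", "<br>");
    safeText += "<br><i id='upd'>Отредактирован " + System.DateTime.Now.ToString("d") + "</i>";
    DBContext.ForumComments.Update(comment).Entity.Text = safeText;

    if (uploads != null)
    {
        string outfolder;
        if ((comment.PinnedFiles != null) && (comment.PinnedFiles.Count > 0))
        {
            // Reuse the folder of the first existing attachment. Cut the file name off the end only:
            // a plain Replace would also delete any earlier occurrence of the name inside the folder path.
            var first = comment.PinnedFiles[0];
            outfolder = first.Path.EndsWith(first.Name, System.StringComparison.Ordinal)
                ? first.Path.Substring(0, first.Path.Length - first.Name.Length)
                : first.Path.Replace(first.Name, String.Empty);
        }
        else
        {
            if (parentEndpoint == null)
            {
                return NotFound();
            }

            // The endpoint name was user-supplied when the endpoint was created: strip path separators
            // and other invalid characters so it can only name a single directory level under CFiles.
            var folderName = string.Join("_", (parentEndpoint.Name ?? string.Empty).Split(Path.GetInvalidFileNameChars()));
            outfolder = environment.WebRootPath + "/ForumFiles/CFiles/" + folderName + "_"
                + System.DateTime.Now.ToString("s").Replace(":", "-") + "/";
            Directory.CreateDirectory(outfolder); // no-op when the directory already exists
        }

        if (comment.PinnedFiles == null)
        {
            comment.PinnedFiles = new List<EForumFile>();
        }

        foreach (IFormFile file in uploads)
        {
            // IFormFile.FileName is client-supplied and may carry directory parts; keep the leaf only.
            var safeName = Path.GetFileName((file.FileName ?? string.Empty).Replace('\\', '/'));
            if (string.IsNullOrEmpty(safeName) || safeName == "." || safeName == "..")
            {
                continue; // nothing usable to name the file with
            }

            var outpath = outfolder + safeName;
            using (var fileStream = new FileStream(outpath, FileMode.Create))
            {
                await file.CopyToAsync(fileStream);
            }

            var efile = new EForumFile()
            {
                Name = safeName,
                Path = outpath,
                TypeOfParent = 2,
                ForumComment = comment
            };
            DBContext.ForumFiles.Add(efile);
            comment.PinnedFiles.Add(efile);
        }
    }

    await DBContext.SaveChangesAsync();

    return RedirectToAction("ForumEndpoint", new { EndpointId = model.EndpointId });
}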
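/// <summary>
/// Creates a forum endpoint (topic) under a forum node, stores its attachments and redirects to the new endpoint.
/// </summary>
/// <param name="model">Posted form: parent node id, author e-mail, endpoint name and text, uploaded files.</param>
/// <returns>
/// A redirect to <c>ForumEndpoint</c> for the new record; the create view with model errors on validation failure;
/// <c>NotFound</c> when the parent node does not exist, <c>BadRequest</c> when the author e-mail matches no user.
/// </returns>
/// <remarks>
/// NOTE(review): the author is resolved from an e-mail carried in the posted model. If that field is
/// client-editable, a user can post under another account; prefer the authenticated principal. Confirm how the form fills it.
/// NOTE(review): attachments land under the web root with no extension or content-type allow-list, so an
/// uploaded .html/.svg would be served from the site's own origin. Consider storage outside wwwroot plus a download action.
/// NOTE(review): the stored text is HTML-encoded here on the assumption that the view emits it as raw HTML
/// (it carries &lt;br&gt; markup). Confirm against the view.
/// </remarks>
public async Task<IActionResult> CreateForumEndpoint(CreateForumEndpointViewModel model)
{
    // Files of this size (10 MiB) or larger are rejected.
    const long maxUploadBytes = 10485760;

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var text = model.EndpointText ?? string.Empty;

    // Courtesy message only: a substring blocklist cannot make markup safe.
    // The HTML-encoding below is what neutralises user markup.
    if (text.IndexOf("<script>", System.StringComparison.Ordinal) != -1
        || text.IndexOf("</script>", System.StringComparison.Ordinal) != -1)
    {
        ModelState.AddModelError("scripts", "Теги <script> запрещены!");
        return View(model);
    }

    // Validate every upload before touching the disk, so a late oversize file cannot leave
    // earlier files of the same request orphaned on disk.
    var uploads = model.UploadedFiles;
    if (uploads != null)
    {
        foreach (IFormFile candidate in uploads)
        {
            if (candidate.Length >= maxUploadBytes)
            {
                ModelState.AddModelError("FileTooBig", "Нельзя загружать файлы свыше 10 Мегабайт.");
                return View(model);
            }
        }
    }

    // Invariant upper-casing: culture-sensitive ToUpper() can mis-normalise (e.g. Turkish dotted i).
    var normalizedEmail = (model.CreatorEmail ?? string.Empty).ToUpperInvariant();
    var creator = await (from u in DBContext.Users
                         where u.NormalizedEmail == normalizedEmail
                         select u).FirstOrDefaultAsync();
    if (creator == null)
    {
        return BadRequest();
    }

    var parentNode = await (from n in DBContext.ForumNodes.Include(n => n.ChildEndpoints)
                            where n.Id.ToString() == model.ParentNodeId
                            select n).FirstOrDefaultAsync();
    if (parentNode == null)
    {
        return NotFound();
    }

    // Encode first, then add the only markup we generate ourselves.
    var safeText = System.Net.WebUtility.HtmlEncode(text).Replace("\n", "<br>");

    var newEndpoint = new EForumEndpoint()
    {
        CreatorId = creator.Id,
        CreatorEmail = creator.Email,
        CreatorFio = creator.FIO,
        ParentNode = parentNode,
        CreationDate = System.DateTime.Now,
        Name = model.EndpointName,
        Text = safeText,
        PinnedFiles = new List<EForumFile>()
    };

    if (uploads != null)
    {
        // EndpointName comes from the request: strip path separators and other invalid characters
        // so it can only ever name a single directory level under EPFiles.
        var folderName = string.Join("_", (model.EndpointName ?? string.Empty).Split(Path.GetInvalidFileNameChars()));
        string outfolder = environment.WebRootPath + "/ForumFiles/EPFiles/" + folderName + "_"
            + System.DateTime.Now.ToString("s").Replace(":", "-") + "/";
        Directory.CreateDirectory(outfolder); // no-op when the directory already exists

        foreach (IFormFile file in uploads)
        {
            // IFormFile.FileName is client-supplied and may carry directory parts; keep the leaf only.
            var safeName = Path.GetFileName((file.FileName ?? string.Empty).Replace('\\', '/'));
            if (string.IsNullOrEmpty(safeName) || safeName == "." || safeName == "..")
            {
                continue; // nothing usable to name the file with
            }

            var outpath = outfolder + safeName;
            using (var fileStream = new FileStream(outpath, FileMode.Create))
            {
                await file.CopyToAsync(fileStream);
            }

            var efile = new EForumFile()
            {
                Name = safeName,
                Path = outpath,
                TypeOfParent = 1,
                ForumEndpoint = newEndpoint
            };
            DBContext.ForumFiles.Add(efile);
            newEndpoint.PinnedFiles.Add(efile);
        }
    }

    DBContext.ForumEndpoints.Add(newEndpoint);
    await DBContext.SaveChangesAsync();

    return RedirectToAction("ForumEndpoint", new { EndpointId = newEndpoint.Id });
}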