Пример #1
0
        // various spam checks, to be replaced with new rule engine
        public static async Task<string> PreAddSubmissionCheck(Message submissionModel, HttpRequestBase request, string userName, Subverse targetSubverse)
        {
            // check if user has reached hourly posting quota for target subverse
            if (User.UserHourlyPostingQuotaForSubUsed(userName, submissionModel.Subverse))
            {
                return ("You have reached your hourly submission quota for this subverse.");
            }

            // check if user has reached daily posting quota for target subverse
            if (User.UserDailyPostingQuotaForSubUsed(userName, submissionModel.Subverse))
            {
                return ("You have reached your daily submission quota for this subverse.");
            }

            // verify recaptcha if user has less than 25 CCP
            var userCcp = Karma.CommentKarma(userName);
            if (userCcp < 25)
            {
                bool isCaptchaCodeValid = await ReCaptchaUtility.Validate(request);

                if (!isCaptchaCodeValid)
                {
                    // TODO: SET PREVENT SPAM DELAY TO 0
                    return ("Incorrect recaptcha answer.");
                }
            }

            // if user CCP or SCP is less than -50, allow only X submissions per 24 hours
            var userScp = Karma.LinkKarma(userName);
            if (userCcp <= -50 || userScp <= -50)
            {
                var quotaUsed = User.UserDailyPostingQuotaForNegativeScoreUsed(userName);
                if (quotaUsed)
                {
                    return ("You have reached your daily submission quota. Your current quota is " + MvcApplication.DailyPostingQuotaForNegativeScore + " submission(s) per 24 hours.");
                }
            }

            // check if subverse has "authorized_submitters_only" set and dissalow submission if user is not allowed submitter
            if (targetSubverse.authorized_submitters_only)
            {
                if (!User.IsUserSubverseModerator(userName, targetSubverse.name))
                {
                    // user is not a moderator, check if user is an administrator
                    if (!User.IsUserSubverseAdmin(userName, targetSubverse.name))
                    {
                        return ("You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization.");
                    }
                }
            }

            // null is returned if all checks have passed
            return null;
        }
Пример #2
0
        // add new link submission
        public static async Task<string> AddNewSubmission(Message submissionModel, Subverse targetSubverse, string userName)
        {
            using (var db = new voatEntities())
            {
                // LINK TYPE SUBMISSION
                if (submissionModel.Type == 2)
                {
                    // strip unicode if title contains unicode
                    if (ContainsUnicode(submissionModel.Linkdescription))
                    {
                        submissionModel.Linkdescription = StripUnicode(submissionModel.Linkdescription);
                    }

                    // abort if title is < than 10 characters
                    if (submissionModel.Linkdescription.Length < 10)
                    {
                        // ABORT
                        return ("The title may not be less than 10 characters.");
                    }

                    // make sure the input URI is valid
                    if (!UrlUtility.IsUriValid(submissionModel.MessageContent))
                    {
                        // ABORT
                        return ("The URI you are trying to submit is invalid.");
                    }

                    // check if target subvere allows submissions from globally banned hostnames
                    if (!targetSubverse.exclude_sitewide_bans)
                    {
                        // check if hostname is banned before accepting submission
                        var domain = UrlUtility.GetDomainFromUri(submissionModel.MessageContent);
                        if (BanningUtility.IsHostnameBanned(domain))
                        {
                            // ABORT
                            return ("The hostname you are trying to submit is banned.");
                        }
                    }

                    // check if user has reached daily crossposting quota
                    if (User.DailyCrossPostingQuotaUsed(userName, submissionModel.MessageContent))
                    {
                        // ABORT
                        return ("You have reached your daily crossposting quota for this URL.");
                    }

                    // check if target subverse has thumbnails setting enabled before generating a thumbnail
                    if (targetSubverse.enable_thumbnails)
                    {
                        // try to generate and assign a thumbnail to submission model
                        submissionModel.Thumbnail = await ThumbGenerator.ThumbnailFromSubmissionModel(submissionModel);
                    }

                    // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode
                    if (targetSubverse.anonymized_mode)
                    {
                        submissionModel.Anonymized = true;
                    }
                    else
                    {
                        submissionModel.Name = userName;
                    }

                    // accept submission and save it to the database
                    submissionModel.Subverse = targetSubverse.name;
                    submissionModel.Likes = 1;
                    db.Messages.Add(submissionModel);

                    // update last submission received date for target subverse
                    targetSubverse.last_submission_received = DateTime.Now;
                    await db.SaveChangesAsync();
                }
                else
                // MESSAGE TYPE SUBMISSION
                {
                    // strip unicode if submission contains unicode
                    if (ContainsUnicode(submissionModel.Title))
                    {
                        submissionModel.Title = StripUnicode(submissionModel.Title);
                    }

                    // abort if title less than 10 characters
                    if (submissionModel.Title.Length < 10)
                    {
                        return ("Sorry, the the submission title may not be less than 10 characters.");
                    }

                    // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode
                    if (targetSubverse.anonymized_mode)
                    {
                        submissionModel.Anonymized = true;
                    }
                    else
                    {
                        submissionModel.Name = userName;
                    }

                    // grab server timestamp and modify submission timestamp to have posting time instead of "started writing submission" time
                    submissionModel.Subverse = targetSubverse.name;
                    submissionModel.Date = DateTime.Now;
                    submissionModel.Likes = 1;
                    db.Messages.Add(submissionModel);

                    // update last submission received date for target subverse
                    targetSubverse.last_submission_received = DateTime.Now;

                    if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPreSave))
                    {
                        submissionModel.MessageContent = ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPreSave, submissionModel);
                    }

                    await db.SaveChangesAsync();

                    if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPostSave))
                    {
                        ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPostSave, submissionModel);
                    }
                }
            }
            
            // null is returned if no errors were raised
            return null;
        }