// various spam checks, to be replaced with new rule engine public static async Task<string> PreAddSubmissionCheck(Message submissionModel, HttpRequestBase request, string userName, Subverse targetSubverse) { // check if user has reached hourly posting quota for target subverse if (User.UserHourlyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return ("You have reached your hourly submission quota for this subverse."); } // check if user has reached daily posting quota for target subverse if (User.UserDailyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return ("You have reached your daily submission quota for this subverse."); } // verify recaptcha if user has less than 25 CCP var userCcp = Karma.CommentKarma(userName); if (userCcp < 25) { bool isCaptchaCodeValid = await ReCaptchaUtility.Validate(request); if (!isCaptchaCodeValid) { // TODO: SET PREVENT SPAM DELAY TO 0 return ("Incorrect recaptcha answer."); } } // if user CCP or SCP is less than -50, allow only X submissions per 24 hours var userScp = Karma.LinkKarma(userName); if (userCcp <= -50 || userScp <= -50) { var quotaUsed = User.UserDailyPostingQuotaForNegativeScoreUsed(userName); if (quotaUsed) { return ("You have reached your daily submission quota. Your current quota is " + MvcApplication.DailyPostingQuotaForNegativeScore + " submission(s) per 24 hours."); } } // check if subverse has "authorized_submitters_only" set and dissalow submission if user is not allowed submitter if (targetSubverse.authorized_submitters_only) { if (!User.IsUserSubverseModerator(userName, targetSubverse.name)) { // user is not a moderator, check if user is an administrator if (!User.IsUserSubverseAdmin(userName, targetSubverse.name)) { return ("You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization."); } } } // null is returned if all checks have passed return null; }
// add new link submission public static async Task<string> AddNewSubmission(Message submissionModel, Subverse targetSubverse, string userName) { using (var db = new voatEntities()) { // LINK TYPE SUBMISSION if (submissionModel.Type == 2) { // strip unicode if title contains unicode if (ContainsUnicode(submissionModel.Linkdescription)) { submissionModel.Linkdescription = StripUnicode(submissionModel.Linkdescription); } // abort if title is < than 10 characters if (submissionModel.Linkdescription.Length < 10) { // ABORT return ("The title may not be less than 10 characters."); } // make sure the input URI is valid if (!UrlUtility.IsUriValid(submissionModel.MessageContent)) { // ABORT return ("The URI you are trying to submit is invalid."); } // check if target subvere allows submissions from globally banned hostnames if (!targetSubverse.exclude_sitewide_bans) { // check if hostname is banned before accepting submission var domain = UrlUtility.GetDomainFromUri(submissionModel.MessageContent); if (BanningUtility.IsHostnameBanned(domain)) { // ABORT return ("The hostname you are trying to submit is banned."); } } // check if user has reached daily crossposting quota if (User.DailyCrossPostingQuotaUsed(userName, submissionModel.MessageContent)) { // ABORT return ("You have reached your daily crossposting quota for this URL."); } // check if target subverse has thumbnails setting enabled before generating a thumbnail if (targetSubverse.enable_thumbnails) { // try to generate and assign a thumbnail to submission model submissionModel.Thumbnail = await ThumbGenerator.ThumbnailFromSubmissionModel(submissionModel); } // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode if (targetSubverse.anonymized_mode) { submissionModel.Anonymized = true; } else { submissionModel.Name = userName; } // accept submission and save it to the database submissionModel.Subverse = targetSubverse.name; submissionModel.Likes = 1; db.Messages.Add(submissionModel); // update last submission received date for target subverse targetSubverse.last_submission_received = DateTime.Now; await db.SaveChangesAsync(); } else // MESSAGE TYPE SUBMISSION { // strip unicode if submission contains unicode if (ContainsUnicode(submissionModel.Title)) { submissionModel.Title = StripUnicode(submissionModel.Title); } // abort if title less than 10 characters if (submissionModel.Title.Length < 10) { return ("Sorry, the the submission title may not be less than 10 characters."); } // flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode if (targetSubverse.anonymized_mode) { submissionModel.Anonymized = true; } else { submissionModel.Name = userName; } // grab server timestamp and modify submission timestamp to have posting time instead of "started writing submission" time submissionModel.Subverse = targetSubverse.name; submissionModel.Date = DateTime.Now; submissionModel.Likes = 1; db.Messages.Add(submissionModel); // update last submission received date for target subverse targetSubverse.last_submission_received = DateTime.Now; if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPreSave)) { submissionModel.MessageContent = ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPreSave, submissionModel); } await db.SaveChangesAsync(); if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPostSave)) { ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPostSave, submissionModel); } } } // null is returned if no errors were raised return null; }