/// <summary>
/// Renders a dynamic STL fragment. Reads the page context from the POST body, decrypts the
/// posted template and page URL, and returns the parsed result as <c>{ Html = ... }</c>.
/// </summary>
/// <remarks>
/// Every input is caller-controlled (POST fields and the raw request URL). The template that
/// is parsed is whatever <c>templateContent</c> decrypts to under
/// <c>TranslateUtils.DecryptStringBySecretKey</c>; no other origin check is visible in this
/// method. NOTE(review): confirm that the helper authenticates the ciphertext and that the
/// secret key is unique per installation, since the key is what separates a server-issued
/// template from a caller-chosen one.
/// </remarks>
/// <returns>200 with the rendered HTML, or 500 built from the caught exception.</returns>
public IHttpActionResult Main()
{
    try
    {
        var request = new AuthRequest();

        var siteId = request.GetPostInt("siteId");

        // Page-level context: a posted page channel id of 0 falls back to the site id.
        var postedPageChannelId = request.GetPostInt("pageChannelId");
        var pageChannelId = postedPageChannelId == 0 ? siteId : postedPageChannelId;
        var pageContentId = request.GetPostInt("pageContentId");
        var pageTemplateId = request.GetPostInt("pageTemplateId");
        var isPageRefresh = request.GetPostBool("isPageRefresh");

        // The template arrives encrypted from the client and is decrypted before parsing.
        var encryptedTemplate = request.GetPostString("templateContent");
        var templateContent = TranslateUtils.DecryptStringBySecretKey(encryptedTemplate);

        var ajaxDivId = AttackUtils.FilterSqlAndXss(request.GetPostString("ajaxDivId"));

        // Element-level context: 0 means "inherit from the page-level value".
        var postedChannelId = request.GetPostInt("channelId");
        var channelId = postedChannelId == 0 ? pageChannelId : postedChannelId;
        var postedContentId = request.GetPostInt("contentId");
        var contentId = postedContentId == 0 ? pageContentId : postedContentId;

        var encryptedPageUrl = request.GetPostString("pageUrl");
        var pageUrl = TranslateUtils.DecryptStringBySecretKey(encryptedPageUrl);

        // "pageNum" is converted to a zero-based index; values <= 0 are passed through unchanged.
        var postedPageNum = request.GetPostInt("pageNum");
        var pageIndex = postedPageNum > 0 ? postedPageNum - 1 : postedPageNum;

        // Query-string values are taken from the decoded raw URL and XSS-filtered by the helper;
        // "siteId" is dropped so only the POSTed site id is used.
        var decodedRawUrl = PageUtils.UrlDecode(HttpContext.Current.Request.RawUrl);
        var queryString = PageUtils.GetQueryStringFilterXss(decodedRawUrl);
        queryString.Remove("siteId");

        var html = StlDynamic.ParseDynamicContent(
            siteId,
            channelId,
            contentId,
            pageTemplateId,
            isPageRefresh,
            templateContent,
            pageUrl,
            pageIndex,
            ajaxDivId,
            queryString,
            request.UserInfo);

        return Ok(new { Html = html });
    }
    catch (Exception ex)
    {
        // NOTE(review): the exception object is handed to the response; whether its details
        // reach remote callers depends on the host's error-detail configuration - confirm.
        return InternalServerError(ex);
    }
}
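/// <summary>
/// Handles a site-search request: builds the content filter from the posted search
/// attributes, renders the requested results page from the decrypted template, optionally
/// highlights the search word, and returns the resulting HTML.
/// </summary>
/// <remarks>
/// All inputs are caller-controlled. Most string attributes pass through
/// <c>PageUtils.FilterSqlAndXss</c>; <c>word</c> passes only through <c>PageUtils.FilterSql</c>,
/// so it is treated as untrusted wherever it is placed into a regex or into HTML below.
/// NOTE(review): <c>word</c> and the raw <c>form</c> are also handed to
/// <c>GetWhereStringByStlSearch</c> and <c>ParseRequestEntities</c>; whether those build SQL or
/// HTML safely is not visible from this method - verify there.
/// NOTE(review): the template parsed here is whatever the posted <c>template</c> field decrypts
/// to; confirm the decrypt helper authenticates the ciphertext and the key is per-installation.
/// </remarks>
/// <returns>
/// 200 with the rendered HTML; 404 when there is no search condition and default display is
/// off, or when the search matches nothing; 500 built from any caught exception.
/// </returns>
public IHttpActionResult Main()
{
    try
    {
        var request = new AuthRequest();
        var form = HttpContext.Current.Request.Form;

        var isAllSites = request.GetPostBool(StlSearch.AttributeIsAllSites.ToLower());
        var siteName = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeSiteName.ToLower()));
        var siteDir = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeSiteDir.ToLower()));
        var siteIds = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeSiteIds.ToLower()));
        var channelIndex = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeChannelIndex.ToLower()));
        var channelName = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeChannelName.ToLower()));
        var channelIds = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeChannelIds.ToLower()));
        var type = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeType.ToLower()));
        // Unlike its siblings, the search word is only SQL-filtered, not XSS-filtered.
        var word = PageUtils.FilterSql(request.GetPostString(StlSearch.AttributeWord.ToLower()));
        var dateAttribute = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeDateAttribute.ToLower()));
        var dateFrom = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeDateFrom.ToLower()));
        var dateTo = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeDateTo.ToLower()));
        var since = PageUtils.FilterSqlAndXss(request.GetPostString(StlSearch.AttributeSince.ToLower()));
        var pageNum = request.GetPostInt(StlSearch.AttributePageNum.ToLower());
        var isHighlight = request.GetPostBool(StlSearch.AttributeIsHighlight.ToLower());
        var isDefaultDisplay = request.GetPostBool(StlSearch.AttributeIsDefaultDisplay.ToLower());
        var siteId = request.GetPostInt("siteid");
        var ajaxDivId = PageUtils.FilterSqlAndXss(request.GetPostString("ajaxdivid"));
        var template = TranslateUtils.DecryptStringBySecretKey(request.GetPostString("template"));
        // "page" is 1-based on the wire (default 1); convert to a zero-based index.
        var pageIndex = request.GetPostInt("page", 1) - 1;

        var templateInfo = new TemplateInfo(0, siteId, string.Empty, TemplateType.FileTemplate, string.Empty, string.Empty, string.Empty, ECharset.utf_8, false);
        var siteInfo = SiteManager.GetSiteInfo(siteId);
        var pageInfo = new PageInfo(siteId, 0, siteInfo, templateInfo, new Dictionary<string, object>())
        {
            UserInfo = request.UserInfo
        };
        var contextInfo = new ContextInfo(pageInfo);
        var contentBuilder = new StringBuilder(StlRequestEntities.ParseRequestEntities(form, template));

        var stlLabelList = StlParserUtility.GetStlLabelList(contentBuilder.ToString());

        if (StlParserUtility.IsStlElementExists(StlPageContents.ElementName, stlLabelList))
        {
            var stlElement = StlParserUtility.GetStlElement(StlPageContents.ElementName, stlLabelList);

            bool isDefaultCondition;
            var whereString = DataProvider.ContentDao.GetWhereStringByStlSearch(isAllSites, siteName, siteDir, siteIds, channelIndex, channelName, channelIds, type, word, dateAttribute, dateFrom, dateTo, since, siteId, ApiRouteActionsSearch.ExlcudeAttributeNames, form, out isDefaultCondition);

            // Do not show search results when no search condition was supplied.
            if (isDefaultCondition && !isDefaultDisplay)
            {
                return NotFound();
            }

            var stlPageContents = new StlPageContents(stlElement, pageInfo, contextInfo, pageNum, siteInfo.TableName, whereString);

            int totalNum;
            var pageCount = stlPageContents.GetPageCount(out totalNum);
            if (totalNum == 0)
            {
                return NotFound();
            }

            // Render only the requested page. An out-of-range index falls through to the
            // unpaged render at the end of the method, as the original page-scanning loop did.
            if (pageIndex >= 0 && pageIndex < pageCount)
            {
                var pageHtml = stlPageContents.Parse(totalNum, pageIndex, pageCount, false);
                var pagedBuilder = new StringBuilder(contentBuilder.ToString().Replace(stlElement, pageHtml));

                StlParserManager.ReplacePageElementsInSearchPage(pagedBuilder, pageInfo, stlLabelList, ajaxDivId, pageInfo.PageChannelId, pageIndex, pageCount, totalNum);

                if (isHighlight && !string.IsNullOrEmpty(word))
                {
                    // The search word is untrusted and lands in two different contexts, so it is
                    // escaped separately for each:
                    //  - regex pattern: escape metacharacters so the word is matched literally and
                    //    cannot alter the pattern; spaces still match any whitespace (\s) as before.
                    //  - response HTML: HTML-encode it, and emit '$' as an entity so it cannot be
                    //    read as a substitution token if the helper uses Regex replacement syntax.
                    var wordPattern = System.Text.RegularExpressions.Regex.Escape(word).Replace("\\ ", "\\s");
                    var wordHtml = System.Net.WebUtility.HtmlEncode(word).Replace("$", "&#36;");

                    var pagedContents = pagedBuilder.ToString();
                    pagedBuilder = new StringBuilder();
                    pagedBuilder.Append(RegexUtils.Replace(
                        $"({wordPattern})(?!</a>)(?![^><]*>)",
                        pagedContents,
                        $"<span style='color:#cc0000'>{wordHtml}</span>"));
                }

                Parser.Parse(siteInfo, pageInfo, contextInfo, pagedBuilder, string.Empty, false);
                return Ok(pagedBuilder.ToString());
            }
        }

        Parser.Parse(siteInfo, pageInfo, contextInfo, contentBuilder, string.Empty, false);
        return Ok(contentBuilder.ToString());
    }
    catch (Exception ex)
    {
        // NOTE(review): the exception object is handed to the response; whether its details
        // reach remote callers depends on the host's error-detail configuration - confirm.
        return InternalServerError(ex);
    }
}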