protected void CommentView_PreRender(object sender, System.EventArgs e) { SharedBasePage requestPage = Page as SharedBasePage; string entryId = (string)ViewState["entryId"]; bool obfuscateEmail = requestPage.SiteConfig.ObfuscateEmail; Entry entry = requestPage.DataService.GetEntry(entryId); if (entry != null) { //Modified 10-3-03 HPierson //Render the day template with just the single entry, rather than the item template //Modified 12-8-03 HPierson //Using entry.CreatedLocalTime causes a bug when dasBlog is not configured to be in //the same time zone as the server. Instead, we use the configured WindowsTimeZone //to calculate the dasBlog configured local time for the entry requestPage.WeblogEntries.Add(entry); if (requestPage.SiteConfig.AdjustDisplayTimeZone) { newtelligence.DasBlog.Util.WindowsTimeZone wtz = requestPage.SiteConfig.GetConfiguredTimeZone(); requestPage.ProcessDayTemplate(wtz.ToLocalTime(entry.CreatedUtc), commentViewContent); } else { requestPage.ProcessDayTemplate(entry.CreatedUtc, commentViewContent); } HtmlAnchor commentStart = new HtmlAnchor(); commentStart.Name = "commentstart"; commentViewContent.Controls.Add(commentStart); // Show all public comments, or all contents if you can approve them // This way all non-public comments remain hidden, when you no longer require approval. bool allComments = SiteSecurity.IsValidContributor(); foreach (Comment c in requestPage.DataService.GetCommentsFor(entryId, allComments)) { SingleCommentView view = (SingleCommentView)LoadControl("SingleCommentView.ascx"); view.Comment = c; view.ObfuscateEmail = obfuscateEmail; commentViewContent.Controls.Add(view); } commentsClosed.Visible = false; commentViewTable.Visible = true; // only show the openid option when allowed in the config openIdTable.Visible = requestPage.SiteConfig.AllowOpenIdComments; commentsGravatarEnabled.Visible = requestPage.SiteConfig.CommentsAllowGravatar; // show the comments require approval warning when moderating, or suspected spam, // maybe users won't post multiple comments when their comment won't show immediately commentsModerated.Visible = (requestPage.SiteConfig.CommentsRequireApproval || potentialSpamSubmitted); if (potentialSpamSubmitted) { labelCommentsModerated.Text = resmgr.GetString("text_comment_potential_spam"); } // display no/some html labelCommentHtml.Visible = requestPage.SiteConfig.CommentsAllowHtml && (requestPage.SiteConfig.AllowedTags.AllowedTagsCount > 0); labelComment.Visible = !labelCommentHtml.Visible; labelCommentHtml.Text = String.Format(resmgr.GetString("text_comment_content_html"), requestPage.SiteConfig.AllowedTags.ToString()); if (SiteUtilities.AreCommentsAllowed(entry, requestPage.SiteConfig) == false) { commentsClosed.Visible = true; commentViewTable.Visible = false; openIdTable.Visible = false; // if comments are not allow, there is no need to show the approval warning commentsModerated.Visible = false; } if (Page.ClientScript.IsClientScriptBlockRegistered(this.GetType(), "coCommentScript") == false && requestPage.SiteConfig.EnableCoComment == true) { string coCommentScript = String.Format(@" <script type=""text/javascript""> // this ensures coComment gets the correct values coco = {{ tool : ""dasBlog"", siteurl : ""{0}"", sitetitle : ""{1}"", pageurl : ""{2}"", pagetitle : ""{3}"", author : ""{4}"", formID : ""{5}"", textareaID : ""{6}"", buttonID : ""{7}"" }} </script> <script id=""cocomment-fetchlet"" src=""http://www.cocomment.com/js/enabler.js"" type=""text/javascript""> // this activates coComment </script> ", requestPage.SiteConfig.Root, Server.HtmlEncode(requestPage.SiteConfig.Title), Request.Url.ToString(), Server.HtmlEncode(entry.Title), Server.HtmlEncode(entry.Author), this.Page.Form.ClientID, this.comment.ClientID, this.add.ClientID ); Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "coComment", coCommentScript); } } }
public void AddNewComment(string name, string email, string homepage, string comment, string entryId, bool openid) { SharedBasePage requestPage = Page as SharedBasePage; // if we allow tags, use the allowed tags, otherwise use an empty array ValidTagCollection allowedTags = (requestPage.SiteConfig.CommentsAllowHtml ? requestPage.SiteConfig.AllowedTags : new ValidTagCollection(null)); Entry entry = requestPage.DataService.GetEntry(entryId); if ((entry != null) && SiteUtilities.AreCommentsAllowed(entry, requestPage.SiteConfig)) { Comment c = new Comment(); c.Initialize(); c.OpenId = openid; c.Author = HttpUtility.HtmlEncode(name); c.AuthorEmail = HttpUtility.HtmlEncode(email); c.AuthorHomepage = FixUrl(homepage); c.AuthorIPAddress = Request.UserHostAddress; c.AuthorUserAgent = Request.UserAgent; c.Referer = Request.UrlReferrer != null?Request.UrlReferrer.ToString() : String.Empty; // clean the code from html tags c.TargetEntryId = entryId; c.TargetTitle = entry.Title; if (requestPage.SiteConfig.CommentsRequireApproval == true && (requestPage.SiteConfig.SmtpServer == null || requestPage.SiteConfig.SmtpServer.Length == 0)) { requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.Error, "ERROR: Comment Moderation is turned on, but you haven't configured an SMTP Server for sending mail!", "")); } // if comments require moderation, they are not public. // except when the commenter is a contributor if (SiteSecurity.IsValidContributor()) { c.IsPublic = true; } else { // bypass spam when the comment is authenticated by openid en openid doesn't require approval if (requestPage.SiteConfig.EnableSpamBlockingService && (requestPage.SiteConfig.BypassSpamOpenIdComment && openid) == false) { // make sure to send the unfiltered comment for analysis by external service c.Content = comment; bool externalServiceSucceeded = false; try { if (requestPage.SiteConfig.SpamBlockingService.IsSpam(c)) { potentialSpamSubmitted = true; if (!requestPage.SiteConfig.EnableSpamModeration) { // abort saving the comment requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.CommentBlocked, String.Format("Blocking suspected spam from {0} {1} [{2}].", c.Author, c.AuthorEmail, c.AuthorIPAddress), SiteUtilities.GetPermaLinkUrl(entryId))); clearCommentInput(); return; } c.SpamState = SpamState.Spam; c.IsPublic = false; } else { c.SpamState = SpamState.NotSpam; c.IsPublic = true; } externalServiceSucceeded = true; } catch (Exception ex) { requestPage.LoggingService.AddEvent(new EventDataItem(EventCodes.Error, String.Format("The external spam blocking service failed for comment {0}. Original exception: {1}", c.EntryId, ex), SiteUtilities.GetPermaLinkUrl(entryId))); } if (!externalServiceSucceeded) { // If the external service fails, we will hide the comment, but not delete it, // even if moderation is disabled. c.SpamState = SpamState.NotChecked; if (doesFeedbackHaveSpamPotential(c)) { potentialSpamSubmitted = true; c.IsPublic = false; } else { c.IsPublic = true; } } } else { c.IsPublic = true; } // If comment moderation enabled, hide all comments regardless of the what the external spam service says if (requestPage.SiteConfig.CommentsRequireApproval) { c.IsPublic = false; } } // FilterHtml html encodes anything we don't like string filteredText = SiteUtilities.FilterHtml(comment, allowedTags); c.Content = filteredText; if (requestPage.SiteConfig.SendCommentsByEmail && requestPage.SiteConfig.SmtpServer != null && requestPage.SiteConfig.SmtpServer.Length > 0) { SendMailInfo defaultMailInfo = ComposeMail(c); requestPage.DataService.AddComment(c, defaultMailInfo); requestPage.DataService.RunActions(ComposeMailForUsers(entry, c)); string commentShort = c.Content.Replace("\n", ""); if (commentShort.Length > 50) { commentShort = commentShort.Substring(0, 50) + "..."; } requestPage.LoggingService.AddEvent( new EventDataItem( EventCodes.CommentAdded, commentShort, SiteUtilities.GetCommentViewUrl(entryId))); } else { requestPage.DataService.AddComment(c); } clearCommentInput(); // break the caching requestPage.DataCache.Remove("BlogCoreData"); Session.Remove("pendingComment"); Session.Remove("pendingEntryId"); //Send the user to the comment they JUST posted. if (!potentialSpamSubmitted) { Response.Redirect(SiteUtilities.GetCommentViewUrl(c.TargetEntryId) + "#" + c.EntryId); } } }
public static bool AreCommentsAllowed(Entry entry, SiteConfig siteConfig) { return(SiteUtilities.AreCommentsAllowed(entry, siteConfig)); }