/// <summary>
/// Builds a top-level comment (level 0) for a letter from the supplied values,
/// stamps it with the caller's IP address and commenter GUID, passes it to the
/// comment service and returns the populated comment as JSON.
/// </summary>
/// <param name="letterId">Id of the letter being commented on.</param>
/// <param name="comment">Comment text as submitted.</param>
/// <param name="commenterName">Display name supplied by the commenter.</param>
/// <param name="commenterEmail">E-mail address supplied by the commenter.</param>
/// <returns>The comment object serialized as JSON, with GET requests allowed.</returns>
public JsonResult Add(int letterId, string comment, string commenterName, string commenterEmail)
{
    // NOTE(review): unlike the form-post Details action in this file, no
    // robotTestCookie check is made on this path.
    Comment comm = new Comment
    {
        commentDate = DateTime.UtcNow,
        commenterEmail = commenterEmail,
        commenterName = commenterName,
        commentMessage = comment,
        letterId = letterId,
        level = 0
    };

    // Prefer the forwarded address; fall back to the socket peer when the header
    // is absent or is the loopback address.
    // NOTE(review): X-Forwarded-For is a request header. Unless a trusted proxy
    // overwrites it, the client chooses this value, and it is what the IP ban
    // lists are later compared against. It can also carry a comma-separated chain.
    string forwardedFor = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    bool useForwarded = forwardedFor != null && forwardedFor != "127.0.0.1";
    comm.commenterIP = useForwarded ? forwardedFor : Request.ServerVariables["REMOTE_ADDR"];

    string commenterId = getCommenterGuid();
    if (commenterId == null)
    {
        // First comment from this browser: issue a long-lived identifier cookie.
        // NOTE(review): the cookie is created without HttpOnly or Secure; set them
        // if no client script needs to read cId.
        commenterId = System.Guid.NewGuid().ToString();
        Response.Cookies.Add(new HttpCookie("cId")
        {
            Value = commenterId,
            Expires = DateTime.Now.AddDays(1500)
        });
    }
    comm.commenterGuid = commenterId;

    // Site root handed to the comment service together with the comment; the port
    // is spelled out only when it is not 80.
    // NOTE(review): the host name comes from the request and the scheme is always
    // http://. Presumably this ends up in links inside notification e-mails, so a
    // forged Host header could steer those links; a configured base URL avoids that.
    string siteRoot = "http://" + Request.Url.Host;
    if (Request.Url.Port != 80)
    {
        siteRoot += ":" + Request.Url.Port;
    }
    siteRoot += VirtualPathUtility.ToAbsolute("~/");

    _commentService.AddComment(comm, siteRoot);

    // NOTE(review): AllowGet lets this state-changing action answer GET requests.
    // If no [HttpPost]/anti-forgery attribute sits above the method (not visible
    // here), a cross-site request can post comments on a visitor's behalf. The
    // serialized object includes the IP, e-mail and GUID fields set above.
    return Json(comm, JsonRequestBehavior.AllowGet);
}
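/// <summary>
/// Stores a comment and, for comments whose level is above -1, increments the
/// comment counter of the letter it belongs to in the same save.
/// </summary>
/// <param name="comment">Domain comment to map and insert.</param>
/// <param name="letter">Domain letter the comment belongs to; only its comment counter is updated.</param>
/// <exception cref="System.ArgumentNullException">Either argument is null.</exception>
public void AddComment(Comment comment, Letter letter)
{
    if (comment == null)
    {
        throw new System.ArgumentNullException("comment");
    }
    if (letter == null)
    {
        throw new System.ArgumentNullException("letter");
    }

    letter transposed = Mapper.Map<Letter, letter>(letter);

    // The context was previously never disposed, leaving its connection to the
    // finalizer; the using block releases it even when SaveChanges throws.
    using (db_mysql db = new db_mysql())
    {
        // Attach without loading so that only the counter column is written back.
        db.letters.Attach(transposed);

        if (comment.level > -1)
        {
            // NOTE(review): the new count is computed from the in-memory copy of the
            // letter, so two comments saved from the same stale value count as one.
            // An atomic "SET letterComments = letterComments + 1" would avoid that.
            db.Entry(transposed).Property(e => e.letterComments).IsModified = true;
            transposed.letterComments = transposed.letterComments + 1;
        }

        db.comments.Add(Mapper.Map<Comment, comment>(comment));
        db.SaveChanges();
    }
}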
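/// <summary>
/// Submits a new letter through the letter service and, for signed-in users,
/// adds an invisible comment (level -2) so the author receives e-mail
/// notifications for the letter. Clears the cached first "mod" and "more" pages.
/// </summary>
/// <param name="letterText">Letter body; it is HTML-decoded before being passed on.</param>
/// <param name="letterCountry">Country value passed to the letter service.</param>
/// <param name="mobile">Integer flag as text, parsed and passed to the letter service.</param>
/// <returns>
/// JSON with response = 1, the new letter id and its tags on success, or
/// response = 0 and an error message on failure.
/// </returns>
public JsonResult Mail(string letterText, string letterCountry, string mobile = "0")
{
    String error_message = string.Empty;

    // NOTE(review): X-Forwarded-For is a request header. Unless a trusted proxy
    // overwrites it, the client chooses the address recorded for the letter.
    string userip = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    if (userip == null || userip == "127.0.0.1")
    {
        userip = Request.ServerVariables["REMOTE_ADDR"];
    }

    bool signedIn = User.Identity.IsAuthenticated;
    string userid = null;
    if (signedIn)
    {
        // GetUser() returns null when the authenticated name no longer has a
        // membership record; treat that as anonymous instead of dereferencing null.
        MembershipUser MemUser = Membership.GetUser();
        if (MemUser != null && MemUser.ProviderUserKey != null)
        {
            userid = MemUser.ProviderUserKey.ToString();
        }
        else
        {
            signedIn = false;
        }
    }

    Core.Model.Letter letter;
    try
    {
        // NOTE(review): the text is HTML-decoded before it reaches the service. If
        // it is stored and later printed unencoded, markup sent by the client would
        // be rendered for readers; confirm that output encoding happens in the view.
        letter = _letterService.Mail(Server.HtmlDecode(letterText), letterCountry, userip, userid, int.Parse(mobile), ref error_message);
    }
    catch (Exception ex)
    {
        letter = null;
        // NOTE(review): the raw exception text is returned to the client below. If
        // the service can surface database or parsing errors here, log the detail
        // and return a fixed message instead.
        error_message = ex.Message;
    }

    if (signedIn && letter != null)
    {
        // The letter is already stored at this point. A failure while subscribing
        // the author must not be reported as a failed letter, otherwise the client
        // retries and the letter is posted twice.
        try
        {
            // add an invisible comment so that the user will receive email notifications
            Comment invisa_comment = new Comment();
            invisa_comment.level = -2;
            invisa_comment.letterId = letter.Id;
            invisa_comment.sendEmail = true;
            invisa_comment.commentDate = DateTime.UtcNow;
            invisa_comment.commenterEmail = User.Identity.Name;
            invisa_comment.commenterGuid = System.Guid.NewGuid().ToString();
            invisa_comment.commenterName = "";

            // Site root handed to the comment service; the port is spelled out only
            // when it is not 80.
            // NOTE(review): built from the request's host name with a fixed http://
            // scheme; a configured base URL is safer if this ends up in e-mail links.
            string host = "http://" + Request.Url.Host;
            if (Request.Url.Port != 80)
            {
                host += ":" + Request.Url.Port;
            }
            host += VirtualPathUtility.ToAbsolute("~/");

            _commentService.AddComment(invisa_comment, host);
        }
        catch (Exception ex)
        {
            System.Diagnostics.Trace.TraceError("Mail: could not subscribe the author of letter " + letter.Id + ": " + ex);
        }
    }

    // remove the more page and mod page cache objects so they
    // get pulled again immediately with the new data
    HttpContext.Cache.Remove("mod-page-1");
    HttpContext.Cache.Remove("more-page-1");

    // NOTE(review): AllowGet lets this state-changing action answer GET requests;
    // confirm that an [HttpPost]/anti-forgery attribute (not visible here) guards it.
    if (letter != null)
    {
        return Json(new { response = 1, message = letter.Id, guid = letter.letterTags }, JsonRequestBehavior.AllowGet);
    }

    return Json(new { response = 0, message = error_message, guid = "Error in response" }, JsonRequestBehavior.AllowGet);
}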
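/// <summary>
/// Handles the comment form on the letter details page: rejects submissions
/// that fail the robot test, builds a top-level comment from the form fields,
/// tags it with the caller's IP and commenter GUID, passes it to the comment
/// service and redirects back to the letter.
/// </summary>
/// <param name="fc">
/// Posted form; reads letterId, commenterName, commenterEmail, comment,
/// mod_mode, mobile and robotTestCookie.
/// </param>
/// <returns>
/// The view (no redirect) for rejected submissions; otherwise a redirect to the
/// mobile or regular details page of the letter.
/// </returns>
public ActionResult Details(FormCollection fc)
{
    // Bot filter first, so rejected posts cost nothing further.
    // NOTE(review): this is a fixed token any client can replay, and no
    // anti-forgery validation is visible in this method; confirm one is applied
    // by an attribute outside this view.
    if (fc["robotTestCookie"] != "love")
    {
        // (A moderator e-mail about caught robots used to be sent here; it is disabled.)
        return View();
    }

    // A missing or non-numeric id used to throw (NullReferenceException or
    // FormatException); reject it the same way as a failed robot test.
    int letterId;
    if (!int.TryParse(fc["letterId"], out letterId))
    {
        return View();
    }

    // Absent fields read as null from the collection; treat them as empty or
    // false instead of dereferencing null.
    string name = fc["commenterName"] ?? string.Empty;
    string email = fc["commenterEmail"] ?? string.Empty;
    string message = fc["comment"] ?? string.Empty;
    string modField = fc["mod_mode"];
    bool mod_mode = modField != null && modField.Contains("true");
    bool using_mobile = fc["mobile"] == "1";

    // NOTE(review): X-Forwarded-For is a request header. Unless a trusted proxy
    // overwrites it, the client chooses this value, and it is what the IP ban
    // lists are later compared against.
    string userip = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    if (userip == null || userip == "127.0.0.1")
    {
        userip = Request.ServerVariables["REMOTE_ADDR"];
    }

    Core.Model.Comment comm = new Core.Model.Comment();
    comm.commentDate = DateTime.UtcNow;
    comm.commenterEmail = email;
    comm.commenterName = name;
    comm.commentMessage = message;
    comm.letterId = letterId;
    comm.level = 0;
    comm.commenterIP = userip;

    string current_guid = getCommenterGuid();
    if (current_guid == null)
    {
        // new commenter, let's give them a guid
        // NOTE(review): the cookie is created without HttpOnly or Secure; set them
        // if no client script needs to read cId.
        current_guid = System.Guid.NewGuid().ToString();
        HttpCookie cookie = new HttpCookie("cId");
        cookie.Value = current_guid;
        cookie.Expires = DateTime.Now.AddDays(1500);
        Response.Cookies.Add(cookie);
    }
    comm.commenterGuid = current_guid;

    // Moderators posting in mod mode get a GUID that starts with "mod".
    // NOTE(review): presumably getCommenterGuid() returns the cId cookie value. If
    // anything keys off the "mod" prefix, a visitor who edits that cookie could
    // carry the same prefix without the role check below; validating the cookie as
    // a GUID before use would close that.
    if (mod_mode == true && User.IsInRole("mod"))
    {
        comm.commenterGuid = "mod" + current_guid.Substring(2, current_guid.Length - 3);
    }

    // The old test (email != null) was always true because ToString() never
    // returns null, so notifications were enabled even with no address given.
    if (!string.IsNullOrWhiteSpace(email))
    {
        comm.sendEmail = true;
    }

    // Site root handed to the comment service; the port is spelled out only when
    // it is not 80.
    // NOTE(review): built from the request's host name with a fixed http:// scheme;
    // a configured base URL is safer if this ends up in notification e-mail links.
    string host = "http://" + Request.Url.Host;
    if (Request.Url.Port != 80)
    {
        host += ":" + Request.Url.Port;
    }
    host += VirtualPathUtility.ToAbsolute("~/");

    // add comment, notify all users who are subscribed to that letter
    _commentService.AddComment(comm, host);

    if (using_mobile)
    {
        return RedirectToRoute("DetailsMobile", new { id = letterId, mobile = 1 });
    }

    return RedirectToAction("Details", new { id = letterId });
}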
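/// <summary>
/// Runs a comment through the ban and spam filters and, if it passes, HTML-encodes
/// and paragraph-wraps its text, sends subscriber notifications and stores it.
/// Filtered comments are dropped; some filters also e-mail the moderators.
/// </summary>
/// <param name="comment">Comment to filter and store; its message and name may be rewritten.</param>
/// <param name="host">Site root passed unchanged to the notification sender.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="comment"/> is null.</exception>
public void AddComment(Comment comment, string host)
{
    if (comment == null)
    {
        throw new ArgumentNullException("comment");
    }

    // Commenter-supplied values are placed into HTML (moderator mails and the
    // stored comment body), so they are encoded first.
    Func<string, string> encode = s => System.Net.WebUtility.HtmlEncode(s ?? string.Empty);

    // Prefix match on a dotted-octet boundary: "58.22.10" must match 58.22.10.x but
    // not 58.22.100.x, which a bare StartsWith also blocked. Empty entries match nothing.
    Func<string, string, bool> inSubnet = (ip, prefix) =>
    {
        if (string.IsNullOrEmpty(prefix))
        {
            return false;
        }
        if (prefix.EndsWith(".", StringComparison.Ordinal))
        {
            return ip.StartsWith(prefix, StringComparison.Ordinal);
        }
        return ip == prefix || ip.StartsWith(prefix + ".", StringComparison.Ordinal);
    };

    // spam protection
    List<Block> blocked_ips = _blockService.getBlocks(blockType.blockIP, blockWhat.blockComment);
    List<string> banned_ips = blocked_ips.Select(b => b.Value).ToList();

    Letter lucky_letter = _queryLetters.getLetter(comment.letterId);

    // time to ban people
    List<String> banned_commenters = new List<String>
    {
        "10315e2a-e671-4c1c-91be-4aff797bf852",
        "33ce0d70-cf48-49c9-9ab2-0fe61ebc84f8",
        "82f7c276-bdee-4e09-943e-39b45f3e7a07"
        //"26ace590-d40e-4a03-a968-d160744437f5"
    };
    if (banned_commenters.Contains(comment.commenterGuid))
    {
        _mailService.SendContact("Banned comment: <br><br>" + encode(comment.commenterName) + " (" + comment.commenterGuid + "): " + encode(comment.commentMessage), "*****@*****.**");
        return;
    }

    // Exact-address bans are dropped without a moderator mail.
    // NOTE(review): this is an exact string match; verify how callers derive
    // commenterIP, since a client-supplied or multi-address value would not match.
    banned_ips.Add("100.2.225.62");
    if (banned_ips.Contains(comment.commenterIP))
    {
        return;
    }

    // if an ip starts with any one of these prefixes, the comment is dropped silently.
    List<String> spammer_ips = new List<String>
    {
        "65.49.14", "111.118.37", "119.226.253", "79.123.220", "58.22.10",
        "218.108.85", "202.121.96", "110.170.46", "219.141.240", "46.105.114",
        "124.158.1", "137.175.118", "93.115.94", "213.175.167"
    };

    List<Block> blocked_subnet_ips = _blockService.getBlocks(blockType.blockSubnet, blockWhat.blockComment);
    List<string> ban_list_v2 = blocked_subnet_ips.Select(b => b.Value).ToList();

    if (comment.commenterIP != null)
    {
        if (spammer_ips.Any(prefix => inSubnet(comment.commenterIP, prefix)))
        {
            return;
        }

        // Report the subnet that matched. The previous code formatted the boolean
        // result of Any(), so the mail always said "True".
        string subnet_ip = ban_list_v2.FirstOrDefault(prefix => inSubnet(comment.commenterIP, prefix));
        if (subnet_ip != null)
        {
            string blockedMsg = String.Format("blocked comment due to subnet (subnet: {0}, ip: {1}): <br /><br />{2}", encode(subnet_ip), encode(comment.commenterIP), encode(comment.commentMessage));
            _mailService.SendContact(blockedMsg, "*****@*****.**");
            return;
        }
    }

    // Blocked link domains, checked in order: { domain, moderator mail text }.
    // A null text means the comment is dropped without a mail. Matching ignores
    // case because host names do. The countylinechiro.com entry previously sent the
    // bio2008.org text. (A blanket block on "http://" existed here and is disabled.)
    string[][] blocked_domains =
    {
        new[] { "mygardeningplace.com", "mygardeningplace spam shut down." },
        new[] { "mycraftingplace.com", "mycraftingplace.com spam shut down." },
        new[] { "bio2008.org", "bio2008.org spam shut down." },
        new[] { "countylinechiro.com", "countylinechiro.com spam shut down." },
        new[] { "cfnmtoob.com", "cfnmtoob.com spam shut down." },
        new[] { "connect.masslive.com", null }
    };
    if (comment.commentMessage != null)
    {
        foreach (string[] entry in blocked_domains)
        {
            if (comment.commentMessage.IndexOf(entry[0], StringComparison.OrdinalIgnoreCase) >= 0)
            {
                if (entry[1] != null)
                {
                    _mailService.SendContact(entry[1], "*****@*****.**");
                }
                return;
            }
        }
    }

    //
    // sanitize the input
    //
    // The text is wrapped in markup below, so it is presumably rendered as raw
    // HTML; encode it first so commenter-supplied markup is shown as text.
    // NOTE(review): if the view encodes this field again, drop one of the two.
    string basic_text = encode(comment.commentMessage);

    // Open with a paragraph, close the last one, and turn every line break in
    // between into a paragraph boundary.
    basic_text = "<p>" + basic_text.Replace("\n", "</p><p>") + "</p>";
    comment.commentMessage = basic_text;

    // A null name used to throw here; treat it like an empty one.
    if (string.IsNullOrEmpty(comment.commenterName))
    {
        comment.commenterName = "anonymous lover";
    }

    // Send notifications before the latest comment is added, so the newest
    // commenter is not notified about their own comment.
    SendNotifications(comment.letterId, host);
    _queryComments.AddComment(comment, lucky_letter);
}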