%@page contentType="text/html;charset=UTF-8" %>
<%@page import="jcms.util.SafeUtil"%>
<%@page import="java.util.Vector"%>
<%@page import="java.util.ArrayList"%>
<%@page import="jcms.extramodule.comment.CommentFun"%>
<%@page import="jcms.makenewpage.ArticleFile"%>
<%@page import="com.hanweb.common.util.Convert"%>
<%@page import="jcms.blf.module.comment.Jcms_Comment_InfoBLF"%>
<%@page import="jcms.entity.SearchInfoEntity"%>
<%@page import="jcms.util.SysInit"%>
<%@page import="com.hanweb.common.log.LogWriter"%>
<%@page import="jcms.make.makepage.ModalFile"%>
<%@page import="java.io.File"%>
<%@page import="com.hanweb.taglib.listview.ListTable"%>
<%@page import="jcms.util.AccessUtil"%>
<%@ include file="./config.jsp" %>
<%
// Entry gate for the comment page: the request must pass AccessUtil.checkAccess, caching is
// disabled, and the i_colid / i_infoid / c_uuid parameters are read and validated before any
// other work is done.
// NOTE(review): AccessUtil.checkAccess is not visible here. The original comment says it blocks
// cross-site request forgery; confirm what it actually verifies (token, Referer, ...).
if(!AccessUtil.checkAccess(request)){ // block cross-site request forgery
// On failure, emit the script built by Convert.getAlterScript (sends the browser to '../../') and stop.
out.print(Convert.getAlterScript("location.href='../../';"));
return;
}
// Ask the browser and intermediaries not to cache this response.
response.setHeader("Pragma","No-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
// whether commenting on this article has expired
boolean isClosed = false;
// Column id from the request, defaulting to "0".
// NOTE(review): SafeUtil.isSqlAndXss is not visible here; presumably a pattern filter for
// SQL/XSS payloads. A filter of that kind does not replace bound query parameters and output
// encoding. For the two ids, the allowlist regex further down is the stricter check.
// The message printed on rejection reads "parameter contains illegal characters, access denied".
String strColID = Convert.getParameter(request, "i_colid", "0", true, true);
if(SafeUtil.isSqlAndXss(strColID)) {
out.println("参数包含非法字符,禁止访问");
return;
}
// Info (article) id from the request, handled the same way as the column id.
String strInfoID = Convert.getParameter(request, "i_infoid", "0", true, true);
if(SafeUtil.isSqlAndXss(strInfoID)) {
out.println("参数包含非法字符,禁止访问");
return;
}
// Allowlist: both ids must consist only of digits and hyphens (String.matches tests the whole
// string). The hyphen admits negative numbers, which are clamped to 0 below.
// NOTE(review): the pattern also accepts inputs such as "1-2" or "--"; how
// Convert.getStringValueInt treats those is not visible here. Confirm it cannot throw.
if(!strColID.matches("[0-9\\-]+") || !strInfoID.matches("[0-9\\-]+")){
out.println("参数包含非法字符,禁止访问");
return;
}
// Instance used later in the page for convert.readInputStream.
Convert convert = new Convert();
int colId = Convert.getStringValueInt(strColID);
int infoId = Convert.getStringValueInt(strInfoID);
// Negative ids are replaced by 0.
colId = colId < 0 ? 0 : colId;
infoId = infoId < 0 ? 0 : infoId;
// c_uuid is read and filtered here but is not referenced again in the visible source.
String c_uuid = Convert.getParameter(request,"c_uuid","",true,true);
if(SafeUtil.isSqlAndXss(c_uuid)) {
out.println("参数包含非法字符,禁止访问");
return;
}
// Reads the remaining request/session inputs and the comment-module configuration
// (web type, page size, service name, open mode, verification-code switch).
// strAppID, strWebID and xmlFile are not declared in this scriptlet; presumably they come
// from the included config.jsp. Verify there.
// type = 1 means survey-result comments; type = 0 means article comments
// nType is not referenced again in the visible source.
int nType = Convert.getParameterInt(request,"type",0);
// NOTE(review): "onload" is taken from the request with a JavaScript expression as its default,
// and unlike the other string parameters it is NOT passed through SafeUtil.isSqlAndXss.
// The visible source never uses strOnload again, but markup inside the string literals of this
// page appears to have been lost, so it may have been written into the page originally.
// If it reaches a script or event-handler context, it should be restricted to an allowlist of
// known handler expressions, not echoed from the request. The effect of the trailing
// true, true arguments of Convert.getParameter is not visible here.
String strOnload = Convert.getParameter(request,"onload","chdiv(1,document.getElementById('origincomment'))",true,true);
String strSpeakArea="";
// User name from the session; later placed into the template values.
// NOTE(review): confirm it is HTML-encoded where the template is filled.
String strUserName = (String)session.getAttribute("username");
// presumably maps null to an empty string; verify in Convert.getValue
strUserName = Convert.getValue(strUserName);
// Filesystem directory of the comment module for this application/site, and its init.xml.
String strToPath = application.getRealPath("") + "/jcms_files/jcms"+strAppID + "/web"+strWebID+"/site/module/comment/";
String strIniPath = strToPath + "config/init.xml";
// As seen here, the five appends add empty strings; the original literals presumably held
// markup (script/style includes) that is missing from this copy. TODO confirm.
String libOut = "";
libOut += "";
libOut += "";
libOut += "";
libOut += "";
libOut += "";
String strModalHtml = "";
// webtype = 1: intranet, webtype = 2: intranet (sic: the original comment gives the same
// meaning for both values; one of them is presumably the external site)
String strWebType = xmlFile.getContent("webtype", strToPath+"config/config.xml");
// Page size from init.xml; only the exact value "0" is replaced by "10".
// pagecount is not referenced again in the visible source.
String pagecount=xmlFile.getContent("count",strIniPath);
if("0".equals(pagecount))
pagecount = "10";
// An empty web type falls back to "1".
strWebType = Convert.getValue(strWebType);
if(strWebType.length() == 0){
strWebType = "1";
}
// jcms service (application) name; falls back to "jcms" when not configured
String strAppPath = xmlFile.getContent("web_in_servername", strIniPath);
strAppPath = Convert.getValue(strAppPath);
if(strAppPath.length() == 0){
strAppPath = "jcms";
}
// comment open mode: 0 = closed, 1 = open
String strOpen = xmlFile.getContent("openstyle", strIniPath);
strOpen = Convert.getValue(strOpen);
// Verification-code switch; backslashes in the ini path are turned into '/' for this lookup only.
int verificationcode = Convert.getStringValueInt(xmlFile.getContent("verificationcode",strIniPath.replaceAll("\\\\","/")));
// verification code (CAPTCHA) fragment: built when the switch is 1, otherwise a single space.
// The fragment as seen here holds only the label text ("verification code:") and "(*)";
// the input/image markup is presumably missing from this copy.
String strCode = "";
if (verificationcode==1){
strCode = "验证码:"
+" "
+" (*) "
+"";
} else{
strCode = " ";
}
// When commenting is closed (open mode "0"), the template receives the value "disabled".
String strTpl_OpenStyle = "";
if(strOpen.equals("0")){
strTpl_OpenStyle = "disabled";
}
// Loads the page template and the comment-list template, and prepares the placeholder list.
// Several string literals in this section are empty in this copy (search strings, markers,
// placeholders); they presumably held markup or marker tags that were lost. TODO confirm
// against the deployed file before relying on the behaviour described below.
// paths to be replaced in the template file
String strReplace = "/"+strAppPath+"/jcms_files/jcms"+strAppID + "/web"+strWebID+"/site/";
String strReplace1 = strReplace+"view/";
String strConfPath = "/" + SysInit.getM_strAppPath() + "/jcms_files/jcms" + strAppID + "/web" + strWebID + "/site/view/";
// load the template file; fall back to the module's default template (read as UTF-8) when
// CommentFun.getModal returns an empty string
strModalHtml = CommentFun.getModal(strWebID, strAppID , application.getRealPath(""));
if(strModalHtml.length() == 0) {
strModalHtml=convert.readInputStream(strToPath+"defaulttemplate/comment.html" ,"UTF-8");
strModalHtml = Convert.replaceStringNoCase(strModalHtml,"",libOut);
} else {
// Same replacement as in the branch above; the search string is empty as seen here.
strModalHtml = Convert.replaceStringNoCase(strModalHtml,"",libOut);
}
CommentFun commentFun = new CommentFun(strWebID,strAppID);
Jcms_Comment_InfoBLF blf = new Jcms_Comment_InfoBLF(strAppID,strWebID);
ArrayList al = new ArrayList();
// Comment-list template, read from the "listtpl" key (the original trailing comment said
// "comment open mode", which does not match the key).
// NOTE(review): unlike the other config values, this one is not passed through Convert.getValue;
// if xmlFile.getContent can return null, the indexOf call below would throw. Confirm.
String strComment =xmlFile.getContent("listtpl", strIniPath); // comment-list template ("listtpl")
//String strComment = convert.readInputStream(strToPath+"tpl/comment.html","UTF-8");
// Start/end markers of the region of strModalHtml that is replaced by strComment (empty here).
String strFrom1 = "";
String strFrom2 = "";
int nPos1 = -1;
int nPos2 = -1;
String strAll = "";
StringBuffer hidBuf = new StringBuffer(); // hidden variables used by the paging form
int answerstart=strComment.indexOf("");
//int answerend=strModalHtml.indexOf("",answerstart);
if(answerstart>=0) {
// strAnswer is read but not referenced again in the visible source.
String strAnswer = xmlFile.getContent("answertpl", strIniPath);
// Builds the "speak area" fragment; the buffer is emptied again once it has been copied out.
StringBuffer suffer = new StringBuffer();
suffer.append("
");
suffer.append("");
strSpeakArea=suffer.toString();
suffer.delete(0,suffer.length());
}
// Locate the marker positions in the page template.
if(strModalHtml.length() > 0) {
nPos1 = strModalHtml.indexOf(strFrom1);
nPos2 = strModalHtml.indexOf(strFrom2, nPos1);
}
// Placeholder names, eleven entries, in the same order as the values added to v_tpl_value.
Vector v_tpl = new Vector(11);
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
v_tpl.add("");
// Looks up the article entity. When it does not exist, the page is rendered with blank values
// and the scriptlet returns; otherwise the optional comment-expiry rule is evaluated.
Vector v_tpl_value = new Vector(11);
// article link
String strUrl = "";
// fetch the info entity
SearchInfoEntity en = blf.getTb(colId, infoId, strWebID);
if(en == null){
// Eleven values, positionally matching v_tpl: only the user name, the open-style flag and
// the verification-code fragment are non-empty.
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add(strUserName);
v_tpl_value.add(strTpl_OpenStyle);
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add(strCode);
// NOTE(review): the next line is damaged in this copy. The loop that substitutes the
// placeholders and the condition on nPos1/nPos2 have been fused into one statement.
// As the text stands, the value assembled from strModalHtml is immediately overwritten by
// strAll = strComment. Check the deployed file to see whether that is intended.
for (int j=0; j= 0 && nPos2 > 0) {
strAll = strModalHtml.substring(0,nPos1) + strComment + strModalHtml.substring(nPos2+strFrom2.length());
strAll = strComment;
} else {
strAll = strModalHtml;
}
// For web type "2" the site prefix is collapsed to "/".
if(strWebType.trim().equals("2")) {
strAll = Convert.replaceString(strAll ,strReplace ,"/");
}
out.println(strAll);
return;
} else {
// Expiry rule: when b_expiredtime is "1", commenting closes "expiredtime" days after the
// entity's creation date.
// NOTE(review): strTimeoutoff is not normalised with Convert.getValue; if getContent can
// return null, equals() would throw. Confirm.
String strTimeoutoff = xmlFile.getContent("b_expiredtime", strIniPath);
if(strTimeoutoff.equals("1")) {
String strTimeout = xmlFile.getContent("expiredtime", strIniPath);
int day=Convert.getStringValueInt(strTimeout);
// NOTE(review): "hh" is the 12-hour field. If C_createdate is stored in 24-hour form,
// "HH" is what is meant, since with "hh" an hour of 12 is read as 0. Confirm the stored format.
// format.parse throws ParseException on malformed input; there is no local handling.
java.text.SimpleDateFormat format=new java.text.SimpleDateFormat("yyyy-MM-dd hh:mm:ss");
java.util.Date articleDate =format.parse(en.getC_createdate());
java.util.Calendar oldcal=java.util.Calendar.getInstance();
java.util.Calendar calnow=java.util.Calendar.getInstance();
oldcal.setTime(articleDate);
oldcal.add(java.util.Calendar.DAY_OF_YEAR, day);
// Past the deadline: only the flag is set here; the page is still rendered.
if(calnow.after(oldcal)) {
isClosed = true;
//out.println(Convert.getAlterScript("alert('对不起评论已过期');"));
//return;
}
}
}
// Builds the article title/URL, reads the four search parameters, and queries the comment
// counts and the comment entries for this article.
// When commenting is closed or expired, a fragment is appended to the speak area (the literal
// is empty in this copy).
if("0".equals(strOpen) || isClosed){
strSpeakArea += "";
}
// get the article title and publish time (for custom info, type 3, the creation time)
// NOTE(review): strTitle is stored content that is later placed into the page; confirm it is
// HTML-encoded either at storage time or where the template is filled.
String deployTime = "";
String strTitle = Convert.getValue(en.getVc_title());
if(en.getI_type() == 3){
deployTime = Convert.getValue(en.getC_createdate());
}else{
deployTime = Convert.getValue(en.getC_deploytime());
}
if(deployTime.length() >0) {
strUrl = ArticleFile.getArtFileName(deployTime, ""+colId, ""+infoId); // access path
}
String vc_url = strConfPath + strUrl;
strComment += "";
// read the submitted form variables; each is rejected when SafeUtil.isSqlAndXss flags it
// NOTE(review): these four values are passed to the blf query methods below. The query
// construction is not visible here; confirm that it uses bound parameters and does not rely on
// this filter alone. starttime/endtime could additionally be checked against a strict date
// format, as is done with the regex allowlist for the ids.
String strKeywords = Convert.getParameter(request, "fn_Keywords", "",true,true);
if(SafeUtil.isSqlAndXss(strKeywords)) {
out.println("参数包含非法字符,禁止访问");
return;
}
String strScope = Convert.getParameter(request, "fn_Scope","",true,true);
if(SafeUtil.isSqlAndXss(strScope)) {
out.println("参数包含非法字符,禁止访问");
return;
}
String strStartTime = Convert.getParameter(request, "starttime","",true,true);
if(SafeUtil.isSqlAndXss(strStartTime)) {
out.println("参数包含非法字符,禁止访问");
return;
}
String strEndTime = Convert.getParameter(request, "endtime","",true,true);
if(SafeUtil.isSqlAndXss(strEndTime)) {
out.println("参数包含非法字符,禁止访问");
return;
}
// As seen here only newlines are appended. There are four appends and four search parameters,
// so the original presumably emitted one hidden form field per parameter (markup lost).
// NOTE(review): if so, confirm the echoed values are HTML-attribute-encoded.
hidBuf.append("\n");
hidBuf.append("\n");
hidBuf.append("\n");
hidBuf.append("\n");
// fetch the total number of matching records
int totalNum = blf.getTotalNum(strScope, strKeywords, colId, infoId, strStartTime, strEndTime);
int totalhotNum = blf.getHotInfoNum(strScope, strKeywords, colId, infoId, strStartTime, strEndTime);
int alltotalNum = blf.getAllTotalNum(strScope, strKeywords, colId, infoId, strStartTime, strEndTime);
// replytalNum and hottalNum are not referenced again in the visible source.
int replytalNum = blf.getReplyTotalNum(infoId);
int hottalNum = blf.getHotTotalNum(infoId);
// records exist: fetch the ones shown on the current page
if(totalNum > 0) {
al = blf.getEnt(strScope, strKeywords, colId, infoId, strStartTime, strEndTime, 1, 3);
}
// No comments to show: render the page with the title, the article URL and zero counts,
// print it, and return.
if(al == null || al.size() == 0) {
// Values are positional and match the placeholder order in v_tpl.
// NOTE(review): strTitle, vc_url and strUserName end up in the page; the substitution step
// is not readable in this copy, so confirm that they are HTML-encoded before output.
v_tpl_value.add(strTitle);
// For web type "2" the ".../site/view/" prefix of the URL is collapsed to "/".
if(strWebType.trim().equals("2")) {
vc_url = Convert.replaceString(vc_url,strReplace1,"/");
}
v_tpl_value.add(vc_url);
v_tpl_value.add("");
v_tpl_value.add("");
v_tpl_value.add(strUserName);
v_tpl_value.add(strTpl_OpenStyle);
v_tpl_value.add("0");
v_tpl_value.add("0");
v_tpl_value.add("");
v_tpl_value.add(strSpeakArea);
v_tpl_value.add(strCode);
// NOTE(review): the next line is damaged in this copy. The placeholder-substitution loop and
// the condition on nPos1/nPos2 have been fused into one statement.
for (int j=0; j= 0 && nPos2 > 0) {
strAll = strModalHtml.substring(0,nPos1) + strComment + strModalHtml.substring(nPos2+strFrom2.length());
} else {
strAll = strModalHtml;
}
// For web type "2" the site prefix is collapsed to "/" in the finished page.
if(strWebType.trim().equals("2")) {
strAll = Convert.replaceString(strAll ,strReplace ,"/");
}
out.println(strAll);
return;
}
// Comments exist: fill the template values (comment markup, hot comments, counts), assemble
// the final page, release the helper vectors and print the result.
// IP display style; defaults to "0". strIpStyle is not referenced again in the visible source.
String strIpStyle = xmlFile.getContent("ipstyle", strIniPath);
strIpStyle = Convert.getValue(strIpStyle);
strIpStyle = strIpStyle.length()==0?"0":strIpStyle;
// The buffer created here is replaced by a new one two statements later.
StringBuffer sbComment = new StringBuffer();
// Empty in this copy; presumably an inline script block whose markup was lost. TODO confirm.
String jsCode = "";
jsCode+="";
sbComment = new StringBuffer();
sbComment.append(jsCode);
// get hot-news comments
// NOTE(review): strHotNew is comment-derived content placed into the page. Whether
// CommentFun.getHotComment returns encoded markup is not visible here; confirm.
String strHotNew = commentFun.getHotComment(strWebID,10);
// hidBuf is emptied here without having been written to the page in the visible source.
if(hidBuf != null && hidBuf.length() > 0){
hidBuf.delete(0, hidBuf.length());
}
// Values are positional and match the placeholder order in v_tpl.
v_tpl_value.add(strTitle);
// For web type "2" the ".../site/view/" prefix of the URL is collapsed to "/".
if(strWebType.trim().equals("2")) {
vc_url = Convert.replaceString(vc_url,strReplace1,"/");
}
v_tpl_value.add(vc_url);
v_tpl_value.add(sbComment.toString());
v_tpl_value.add(strHotNew);
v_tpl_value.add(strUserName);
v_tpl_value.add(strTpl_OpenStyle);
// total number of visible comments
v_tpl_value.add(""+alltotalNum);
// number of featured comments
v_tpl_value.add(""+totalhotNum);
// total number of comments, including unreviewed ones
v_tpl_value.add(""+blf.getAllCommentCount(colId,infoId));
v_tpl_value.add(strSpeakArea);
v_tpl_value.add(strCode);
// NOTE(review): the next line is damaged in this copy. The placeholder-substitution loop and
// the following size check have been fused into one statement.
for (int j=0; j 0){
v_tpl_value.clear();
}
if(v_tpl.size() > 0){
v_tpl.clear();
}
// Splice the comment markup into the page template between the two markers. Without usable
// marker positions, the page template is used, or strComment when the template is empty.
if(nPos1 >= 0 && nPos2 > 0){
strAll = strModalHtml.substring(0,nPos1) + strComment + strModalHtml.substring(nPos2+strFrom2.length());
}else{
strAll = (strModalHtml.length() == 0) ? strComment:strModalHtml;
}
// replace paths in the generated output
if(strWebType.trim().equals("2")) {
strAll = Convert.replaceString(strAll ,strReplace ,"/");
}
// Clear the two local vectors and drop the references. Only the exception message is
// logged on failure, so a stack trace would not be available from this log line.
try {
if(v_tpl != null) {
v_tpl.clear();
v_tpl = null;
}
if(v_tpl_value != null) {
v_tpl_value.clear();
v_tpl_value = null;
}
} catch (Exception ex) {
LogWriter.error("comment.jsp get Exception:"+ex.getMessage());
}
out.println(strAll);
%>
<%
// When the expiry rule closed commenting, append a script after the rendered page that shows
// an alert ("sorry, comments have expired") and then closes the window.
// All scriptlets of a JSP compile into one service method, so this runs only when the first
// scriptlet did not hit one of its early returns.
if(isClosed){
out.println(Convert.getAlterScript("alert('对不起评论已过期');window.open('','_parent','');window.close();"));
}
%>