Comments support markdown, blog attachment function, image bed function

.gitignore

@@ -0,0 +1,5 @@
+LICENSE
+.idea
+README.md
+SECURITY.md
+web/app/upload/

install/bundle/Dockerfile

@@ -3,10 +3,14 @@ MAINTAINER MascoSkray <MascoSkray@gmail.com>
 ARG CLONE_ADDFLAG
 
 WORKDIR /opt
+
+RUN  sed -i s@/archive.ubuntu.com/@/mirrors.aliyun.com/@g /etc/apt/sources.list
+RUN  apt-get clean
 #Update apt and install git
 RUN apt-get update && apt-get install -y git
 #Clone the latest UOJ Community verison to local
-RUN git clone https://github.com/UniversalOJ/UOJ-System.git --depth 1 --single-branch ${CLONE_ADDFLAG} uoj
+#RUN git clone https://github.com/UniversalOJ/UOJ-System.git --depth 1 --single-branch ${CLONE_ADDFLAG} uoj
+ADD . /opt/uoj
 #Install environment and set startup script
 RUN cd uoj/install/bundle && sh install.sh -p && echo "\
 #!/bin/sh\n\

install/bundle/install.sh

@@ -19,8 +19,8 @@ getAptPackage(){
     apt-get update && apt-get install -y vim ntp zip unzip curl wget apache2 libapache2-mod-xsendfile libapache2-mod-php php php-dev php-pear php-zip php-mysql php-mbstring mysql-server cmake fp-compiler re2c libv8-7.5-dev libyaml-dev python python3 python3-requests openjdk-8-jdk openjdk-11-jdk
     #Install PHP extensions
     yes | pecl install yaml
-    git clone https://github.com/phpv8/v8js.git --depth=1 /tmp/pear/download/v8js-master && cd /tmp/pear/download/v8js-master
-    phpize && ./configure --with-php-config=/usr/bin/php-config --with-v8js=/opt/libv8-7.5 && make install && cd -
+    git clone https://hub.fastgit.xyz/phpv8/v8js.git /tmp/pear/download/v8js-master && cd /tmp/pear/download/v8js-master
+    git checkout acd9431ec9d8212f6503490639bc7997c9488c46 && phpize && ./configure --with-php-config=/usr/bin/php-config --with-v8js=/opt/libv8-7.5 && make install && cd -
 }
 
 setLAMPConf(){
@@ -78,7 +78,7 @@ file_put_contents('/var/www/uoj/app/.config.php', "<?php\nreturn ".str_replace('
 UOJEOF
     #Import MySQL database
     service mysql restart
-    mysql -u root --password=$_database_password_ <../db/app_uoj233.sql
+    mysql -u root --password=$_database_password_ < /opt/uoj/install/db/app_uoj233.sql
     echo "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '$_database_password_';" | mysql -u root --password=$_database_password_
 }
 

install/db/app_uoj233.sql

@@ -87,6 +87,17 @@ UNLOCK TABLES;
 -- Table structure for table `blogs_comments`
 --
 
+CREATE TABLE `blogs_file`
+(
+    `blog_id`  int          not null,
+    `filename` varchar(100) not null,
+    `path`     varchar(100) null comment 'the absolute path of file'
+)ENGINE = MyISAM CHARSET = utf8mb4;
+
+
+LOCK TABLE `blogs_file` WRITE;
+UNLOCK TABLES;
+
 /*!40101 SET @saved_cs_client     = @@character_set_client */;
 /*!40101 SET character_set_client = utf8mb4 */;
 CREATE TABLE `blogs_comments` (

web/.gitignore

@@ -1,2 +1,7 @@
 .idea
 .php_cs.cache
+.default-config.php
+../../LICENSE
+../../READMD.md
+../../SECURITY.md
+

web/app/.default-config.php

@@ -11,19 +11,19 @@
 	'database' => [
 		'database' => 'app_uoj233',
 		'username' => 'root',
-		'password' => '_database_password_',
+		'password' => 'root',
 		'host' => '127.0.0.1'
 	],
 	'web' => [
 		'domain' => null,
 		'main' => [
 			'protocol' => 'http',
-			'host' => '_httpHost_',
+			'host' => '127.0.0.1',
 			'port' => 80
 		],
 		'blog' => [
 			'protocol' => 'http',
-			'host' => '_httpHost_',
+			'host' => '127.0.0.1',
 			'port' => 80
 		]
 	],

web/app/.gitignore

@@ -0,0 +1,2 @@
+.default-config.php
+

web/app/controllers/picture_download.php

@@ -0,0 +1,6 @@
+<?php
+if(!isset($_GET['p'])) exit('Filename is empty');
+ob_clean();
+$imageBed = new ImageBed();
+$filename = $_GET['p'];
+$imageBed->download($filename);

web/app/controllers/picture_upload.php

@@ -0,0 +1,10 @@
+<?php
+global $myUser;
+if($myUser == null){
+	$ret["status"]=-1;
+	$ret["msg"]="用户未登录";
+	echo $ret;
+	return ;
+}
+$imageBed = new ImageBed();
+$imageBed->upload($_FILES['file']);

web/app/controllers/subdomain/blog/blog.php

@@ -7,7 +7,6 @@
 	if ($blog['is_hidden'] && !UOJContext::hasBlogPermission()) {
 		become403Page();
 	}
-
 	$comment_form = new UOJForm('comment');
 	$comment_form->addVTextArea('comment', '内容', '',
 		function($comment) {
@@ -18,7 +17,7 @@ function($comment) {
 			if (!$comment) {
 				return '评论不能为空';
 			}
-			if (strlen($comment) > 1000) {
+			if (strlen($comment) > 100000) {
 				return '不能超过1000个字节';
 			}
 			return '';
@@ -126,7 +125,6 @@ function($comment) {
 		$reply_form->succ_href = getLongTablePageRawUri($page);
 	};
 	$reply_form->ctrl_enter_submit = true;
-
 	$reply_form->runAtServer();
 
 	$comments_pag = new Paginator(array(
@@ -140,6 +138,8 @@ function($comment) {
 <?php
 	$REQUIRE_LIB['mathjax'] = '';
 	$REQUIRE_LIB['shjs'] = '';
+	$REQUIRE_LIB['blog'] = '';
+
 ?>
 <?php echoUOJPageHeader(HTML::stripTags($blog['title']) . ' - 博客') ?>
 <?php echoBlog($blog, array('show_title_only' => isset($_GET['page']) && $_GET['page'] != 1)) ?>
@@ -152,7 +152,6 @@ function($comment) {
 		$poster = queryUser($comment['poster']);
 		$esc_email = HTML::escape($poster['email']);
 		$asrc = HTML::avatar_addr($poster, 80);
-
 		$replies = DB::selectAll("select id, poster, content, post_time from blogs_comments where reply_id = {$comment['id']} order by id");
 		foreach ($replies as $idx => $reply) {
 			$replies[$idx]['poster_rating'] = queryUser($reply['poster'])['rating'];
@@ -171,7 +170,7 @@ function($comment) {
 					<div class="col-sm-6"><?= getUserLink($poster['username']) ?></div>
 					<div class="col-sm-6 text-right"><?= getClickZanBlock('BC', $comment['id'], $comment['zan']) ?></div>
 				</div>
-				<div class="comtbox1"><?= $comment['content'] ?></div>
+				<div class="comtbox1" id="content-<?= $comment['id']?>"><?= $comment['content'] ?></div>
 				<ul class="text-right list-inline bot-buffer-no"><li><small class="text-muted"><?= $comment['post_time'] ?></small></li><li><a id="reply-to-<?= $comment['id'] ?>" href="#">回复</a></li></ul>
 				<?php if ($replies): ?>
 				<div id="replies-<?= $comment['id'] ?>" class="comtbox5"></div>
@@ -181,16 +180,28 @@ function($comment) {
 		</div>
 	</div>
 	<?php endforeach ?>
+
 <?php endif ?>
+	<script>
+		$(".comtbox1").each(function (){
+			var text = $(this).text();
+			$(this).text("");
+			$(this).append(marked(text));
+		})
+	</script>
 </div>
 <?= $comments_pag->pagination() ?>
 
 <h3 class="mt-4">发表评论</h3>
 <p>可以用@mike来提到mike这个用户，mike会被高亮显示。如果你真的想打“@”这个字符，请用“@@”。</p>
-<?php $comment_form->printHTML() ?>
-
+<form method="post" class="form-horizontal" id="form-comment" enctype="multipart/form-data">
+<?php $comment_form->printHTML(); ?>
 <div id="div-form-reply" style="display:none">
-	<?php $reply_form->printHTML() ?>
+	<?php $reply_form->printHTML(); ?>
 </div>
-
+</form>
 <?php echoUOJPageFooter() ?>
+<script>
+	comment_editor_init("comment");
+</script>
+

web/app/controllers/subdomain/blog/blog_write.php

@@ -11,16 +11,17 @@
 	} else {
 		$blog = DB::selectFirst("select * from blogs where poster = '".UOJContext::user()['username']."' and type = 'B' and is_draft = true");
 	}
-
 	$blog_editor = new UOJBlogEditor();
 	$blog_editor->name = 'blog';
 	if ($blog) {
+		$blog["files"] = DB::selectAll("select filename,path from blogs_file where blog_id='".DB::escape($blog['id'])."'");
 		$blog_editor->cur_data = array(
 			'title' => $blog['title'],
 			'content_md' => $blog['content_md'],
 			'content' => $blog['content'],
 			'tags' => queryBlogTags($blog['id']),
-			'is_hidden' => $blog['is_hidden']
+			'is_hidden' => $blog['is_hidden'],
+			'files' => $blog["files"]
 		);
 	} else {
 		$blog_editor->cur_data = array(
@@ -39,9 +40,30 @@
 
 	function updateBlog($id, $data) {
 		DB::update("update blogs set title = '".DB::escape($data['title'])."', content = '".DB::escape($data['content'])."', content_md = '".DB::escape($data['content_md'])."', is_hidden = {$data['is_hidden']} where id = {$id}");
+		updateBlogOfFile($id,$data["fileList"]);
 	}
 	function insertBlog($data) {
 		DB::insert("insert into blogs (title, content, content_md, poster, is_hidden, is_draft, post_time) values ('".DB::escape($data['title'])."', '".DB::escape($data['content'])."', '".DB::escape($data['content_md'])."', '".Auth::id()."', {$data['is_hidden']}, {$data['is_draft']}, now())");
+
+	}
+	function updateBlogOfFile($id,$data){
+		$existFile = DB::selectAll("select filename from blogs_file where blog_id= '".DB::escape($id)."' ");
+		foreach ($data as $file){
+			$flag = false;
+			$fileName = $file["fileName"];
+			$filePath = $file["filePath"];
+			foreach ($existFile as $efile){
+				if($efile["filename"]==$fileName){
+					$flag = true;
+					break;
+				}
+			}
+			if($flag){
+				continue;
+			}else{
+				DB::insert("insert into blogs_file (blog_id,filename,path) values ('".DB::escape($id)."','".DB::escape($fileName)."','".DB::escape($filePath)."')");
+			}
+		}
 	}
 
 	$blog_editor->save = function($data) {
@@ -55,15 +77,18 @@ function insertBlog($data) {
 					deleteBlog($blog['id']);
 					insertBlog(array_merge($data, array('is_draft' => 0)));
 					$blog = array('id' => DB::insert_id(), 'tags' => array());
+					updateBlogOfFile($blog['id'],$data["fileList"]);
 					$ret['blog_write_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}/write");
 					$ret['blog_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}");
 				}
 			} else {
 				updateBlog($blog['id'], $data);
+				//updateBlogOfFile($blog['id'],$data["fileList"]);
 			}
 		} else {
 			insertBlog(array_merge($data, array('is_draft' => $data['is_hidden'] ? 1 : 0)));
 			$blog = array('id' => DB::insert_id(), 'tags' => array());
+			updateBlogOfFile($blog['id'],$data["fileList"]);
 			if (!$data['is_hidden']) {
 				$ret['blog_write_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}/write");
 				$ret['blog_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}");
@@ -77,12 +102,18 @@ function insertBlog($data) {
 		}
 		return $ret;
 	};
-
 	$blog_editor->runAtServer();
 ?>
 <?php echoUOJPageHeader('写博客') ?>
 <div class="text-right">
 <a href="http://uoj.ac/blog/7">这玩意儿怎么用？</a>
 </div>
 <?php $blog_editor->printHTML() ?>
+<form id="form_example"	action="upload" enctype="multipart/form-data" method="post">
+	<input type="file"  id="files" name="pic" multiple/>
+	<input type="submit" value="上传">
+</form>
+<ul class="list-group" id="file-list-display">
+	<li	class="list-group-item"></li>
+</ul>
 <?php echoUOJPageFooter() ?>

web/app/controllers/subdomain/blog/comment_preview.php

@@ -0,0 +1,7 @@
+<?php
+
+if (!isset($_POST["comment"])) {
+	become404Page();
+}
+$comment_editor =new UOJCommentEditor($_POST["comment"]);
+$comment_editor->printHTML();

web/app/controllers/subdomain/blog/download.php

@@ -0,0 +1,37 @@
+<?php
+//接收需要下载的文件名称
+if(!isset($_GET['p'])) exit('Filename is empty');
+if(empty($_GET['p'])||empty($_GET['name'])) exit('Filename not valid');
+ob_clean();//清除一下缓冲区
+//获得文件名称
+$filename = basename(urldecode($_GET['p']));
+$fileAlias = urldecode($_GET['name']);
+//文件完整路径（这里将真实的文件存放在temp目录下）
+$filePath = "/var/uoj_data/upload/".$filename;
+//将utf8编码转换成gbk编码，否则，文件中文名称的文件无法打开
+$filePath = iconv('UTF-8','gbk',$filePath);
+//检查文件是否可读
+if(!is_file($filePath) || !is_readable($filePath)) exit('Can not access file '.$filename);
+/**
+ * 这里应该加上安全验证之类的代码，例如：检测请求来源、验证UA标识等等
+ */
+//以只读方式打开文件，并强制使用二进制模式
+$fileHandle=fopen($filePath,"rb");
+if($fileHandle===false){
+	exit("Can not open file: $filename");
+}
+//文件类型是二进制流。设置为utf8编码（支持中文文件名称）
+header('Content-type:application/octet-stream; charset=utf-8');
+header("Content-Transfer-Encoding: binary");
+header("Accept-Ranges: bytes");
+//文件大小
+header("Content-Length: ".filesize($filePath));
+//触发浏览器文件下载功能
+header('Content-Disposition:attachment;filename="'.urlencode($fileAlias).'"');
+//循环读取文件内容，并输出
+while(!feof($fileHandle)) {
+	//从文件指针 handle 读取最多 length 个字节（每次输出10k）
+	echo fread($fileHandle, 10240);
+}
+//关闭文件流
+fclose($fileHandle);