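$code]); $svg = << {$code} SVG; return response($svg, 200)->header('Content-Type', 'image/svg+xml'); }

    /**
     * Accept a visitor comment on a product or an article and store it as 'pending'.
     *
     * Checks run in this order: site-wide comment switch, field validation,
     * single-use captcha, per-IP rate limit, target existence, then the
     * sensitive-word mask on the content before the row is created.
     *
     * @param Request $request Incoming form submission.
     * @return mixed Redirect back, carrying either validation errors or a success flash.
     */
    public function store(Request $request)
    {
        if (!SiteSetting::value('comments_enabled', '1')) {
            return back()->withErrors(['comments' => '评论功能已关闭。']);
        }

        $data = $request->validate([
            'target_type' => ['required', 'in:product,article'],
            'target_id' => ['required', 'integer'],
            'nickname' => ['required', 'string', 'max:50'],
            'email' => ['nullable', 'email', 'max:255'],
            'content' => ['required', 'string', 'max:1000'],
            'captcha' => ['required', 'string', 'max:10'],
        ]);

        // The captcha is single-use: it is removed from the session before the
        // comparison, so a wrong guess cannot be retried against the same code.
        $captcha = (string) session('captcha_code');
        session()->forget('captcha_code');
        // hash_equals() gives the same result as !== but compares in constant time.
        if ($captcha === '' || !hash_equals($captcha, $data['captcha'])) {
            return back()->withErrors(['captcha' => '验证码错误,请重试。']);
        }

        // NOTE(review): $request->ip() is only as trustworthy as the trusted-proxy
        // configuration, which is not visible here. Behind an untrusted-by-default
        // proxy every visitor shares one key; with over-broad trust the forwarded
        // address is client-controlled and the limit can be sidestepped. Confirm.
        $ip = $request->ip() ?? '0.0.0.0';
        $rateKey = "comment_rate_{$ip}";
        // Cache::add() stores the key only when it is absent and reports whether it
        // did, so the check and the write are one step. The previous has()/put()
        // pair left a window in which parallel requests could all pass the check.
        if (!Cache::add($rateKey, true, now()->addMinutes(10))) {
            return back()->withErrors(['comments' => '提交太频繁,请稍后再试。']);
        }

        $targetExists = $data['target_type'] === 'product'
            ? Product::where('id', $data['target_id'])->exists()
            : Article::where('id', $data['target_id'])->exists();
        if (!$targetExists) {
            return back()->withErrors(['comments' => '评论目标不存在。']);
        }

        $content = $this->filterSensitiveWords($data['content']);

        // nickname, email and content are stored as submitted (content after the
        // word mask). NOTE(review): they are attacker-controlled text; the views
        // that render them are not visible here and must escape them on output.
        Comment::create([
            'target_type' => $data['target_type'],
            'target_id' => $data['target_id'],
            'nickname' => $data['nickname'],
            'email' => $data['email'] ?? null,
            'content' => $content,
            'status' => 'pending',
            'ip' => $ip,
            'user_agent' => $request->userAgent(),
        ]);

        return back()->with('success', '评论已提交,审核通过后展示。');
    }

    /**
     * Register a like on a comment, at most once per client IP per comment per day.
     *
     * The original incremented like_count on every request, so a single client
     * could inflate the counter without limit. The one-day window is a
     * reviewer-chosen default; adjust it to the product's needs.
     *
     * NOTE(review): the comment's status is not checked, so a comment that is
     * still 'pending' can be liked if its id is known. The route definition
     * (HTTP verb, CSRF protection) is not visible here either. Confirm both.
     *
     * @param Comment $comment Comment resolved from the route.
     * @return mixed Redirect back to the previous page.
     */
    public function like(Comment $comment)
    {
        $ip = request()->ip() ?? '0.0.0.0';
        $likeKey = "comment_like_{$comment->getKey()}_{$ip}";

        // Atomic "set if absent": only the first like inside the window counts.
        if (Cache::add($likeKey, true, now()->addDay())) {
            $comment->increment('like_count');
        }

        return back();
    }

    /**
     * Mask every configured sensitive word in the text with asterisks.
     *
     * Each occurrence is replaced by as many '*' as the word has characters.
     * Matching is exact and case-sensitive (str_replace), so a differently
     * cased or otherwise altered spelling is not masked.
     *
     * @param string $content Text to filter.
     * @return string Text with the listed words replaced.
     */
    private function filterSensitiveWords(string $content): string
    {
        $words = SensitiveWord::pluck('word')->filter()->all();

        // Longest words first: otherwise a short entry that is a prefix of a longer
        // one is masked first and the tail of the longer word is left readable.
        usort($words, static function ($a, $b) {
            return mb_strlen((string) $b) <=> mb_strlen((string) $a);
        });

        foreach ($words as $word) {
            $content = str_replace($word, str_repeat('*', mb_strlen($word)), $content);
        }

        return $content;
    }
}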