Basically, we need to figure out whether you want to create a comment area for a personal blog or for a forum.

For personal Blog，You don't need to think about user login or registration. But the forum is on the opposite side:

You will face serious security problems such as flooding attacks, using your code logic problems to get administrator permissions, using upload vulnerabilities to inject SQL, and so on.

Personally, I suggest that if it's just a personal blog, it's unwise to open up registration and login.

And today, I just want to talk about how to set up the comment area of personal blog. (Sorry, I can't talk about the comment area with user registration, because it's too complex. I can't talk about all the knowledge points in this only 1 blog. I hope this blog can give you the most basic way to build comment area.)

First, you need to figure out which fields your SQL database tables need.

Here are the most basic fields:

Id

ParentId

BlogId

UserName

EmailAddr

WebSite (unnecessary)

Comment

CommentTime

Why Id and ParentId?

Because you need the reply function. Parentid actually fills in the existing Id. Only by filling in the existing ID can the program know who you are replying to.

By default, we set the ParentId to 0, and let the program only reply to comments with ParentId 0, otherwise the comment area will iterate indefinitely.

If you want to reply to a comment whose ParentId is not 0, the program needs to add @ name + comment content.

Why BlogId?

All comments are recorded on the same sheet, but they come from different blogs. That's why BlogId is needed.

Why EmailAddr?

The email address is to remind users that their comments have been replied. This also means that you have to set up an email program first.

Why WebSite?

Users may have their own websites.  It's convenient for me to know them.

Which fields are important?

I think it's an email address. Because names may be the same, but email address is generally unique.

The program of course is to reply according to the email address, not according username.

Second, We need to talk about the realization of e-mail function.

Here I have two ideas: 

one is to send an email immediately after pressing the send button displayed on the blog page, another is to send it manually by me.

The first idea means I have to log in, but users who want to reply to me don't need to log in.

This means that I can know their comments in time, but my reply can't be sent by clicking send button.

If I can press the sent button directly, someone can pretend to be my reply.

So, on the authentication issue, I have to use the database to reply, which will be very inconvenient for me.

By the way, even if you reply manually, there are still problems.

Manual reply: first, you can't reply immediately; second, you may miss comments.

Automatic reply is very important. But automation comes at a cost. For example, when your button is clicked wildly, multiple users initiate operations at the same time, which makes the server run out of resources. It may be hard for you to deal with.

So, the best case scenario is to have only 3 or 10 comments per day.

To be honest, you are unlikely to respond to so many comments a day. I think this is the best solution for novices.

If you don't add email function, you actually need to develop something like an RSS reader to detect whether your blog has a comment. Perhaps the current RSS reader has such a function, but I am not sure.

Alright, alright, stop talking nonsense. My solution is: 

adopt the first idea, but add a reminder button in the background management interface. 

When I finish writing my comment, I click this button and an email will be sent to the user.

UserName: Author

EmailAddr: [Secret]

WebSite: https://www.v2know.com

These three fields are fixed and filled in, and others cannot use them. Therefore, I need to add detection on the front page.

The fewer functions, the less trouble.

To be honest, it's very easy to set up comment area without email function，as I said in the first point above. But I want to make one with auto email reply function.

Next time I will add the details of the operation.

（This article is not finished yet. It is expected to be completed in two weeks.……

Updated on June 10, 2020:

Okay, I give up. Because I don't think it makes sense.

I found that .NET Core comes with the solution, such as email verification, password verification, etc., but the problem is that I don’t know how to use it.

I can use the most basic way to complete the comment function. However, in a large system, this would be a time-consuming, error-prone job. Using the .NET Core feature will be better and faster, but I need to pay extra learning time. Time is precious to me. I must put time on the most important things at present.

This is the verification of .NET Core 2.1 in the login interface:

<form method="post">
    <h4>Use a local account to log in.</h4>
    <hr />
    <div asp-validation-summary="All" class="text-danger"></div>
    <div class="form-group">
        <label asp-for="Input.Email"></label>
        <input asp-for="Input.Email" class="form-control" />
        <span asp-validation-for="Input.Email" class="text-danger"></span>
    </div>
    <div class="form-group">
        <label asp-for="Input.Password"></label>
        <input asp-for="Input.Password" class="form-control" />
        <span asp-validation-for="Input.Password" class="text-danger"></span>
    </div>
    <div class="form-group">
        <div class="checkbox">
            <label asp-for="Input.RememberMe">
                <input asp-for="Input.RememberMe" />
                @Html.DisplayNameFor(m => m.Input.RememberMe)
            </label>
        </div>
    </div>
    <div class="form-group">
        <button type="submit" class="btn btn-default">Log in</button>
    </div>
    <div class="form-group">
        <p>
            <a asp-page="./ForgotPassword">Forgot your password?</a>
        </p>
        <p>
            <a asp-page="./Register" asp-route-returnUrl="@Model.ReturnUrl">Register as a new user</a>
        </p>
    </div>
</form>

I haven't fully understood .NET Core yet, although my blog is made with .NET Core. This sounds strange, but it is.
At some time in the future, when I fully understand .NET Core, I will make up the details of the comment area function.

Updated on June 19, 2020

Finally，I made the comment function.

Here's the model of Comment:

public class Comment
{
    public int Id { get; set; }
    public int ParentId { get; set; }
    public int BlogId { get; set; }
    public Blog BlogContext { get; set; }
    public string Name { get; set; }
    public string Email { get; set; }
    public string WebSite { get; set; }
    public string Content { get; set; }
    public DateTime PublishTime { get; set; } = DateTime.UtcNow;
    public bool Visibility { get; set; } = true;
}

Web design took me a lot of time，but the C# code didn't.

I didn't write captcha code，because I don't think many people will write comments to me, the default limit is only 10 comments per day. On the one hand, I don't have the time to deal with more comments. On the other hand, I just don't know how to do the captcha function, maybe it will take more time to learn. But as long as I have time, I will do it.