/**
* Action that handles image requests
*/
public function imageAction()
{
// We would just print out the image, no need for the renderer
$this->_helper->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
// Getting request params
$imageId = $this->getParam('id');
$ticket = $this->getParam('ticket');
$time = $this->getParam('time');
// Dropping request if params are not right or the image is too old
if (!$imageId || !$ticket || !$time || $time < time()) {
return $this->noContentAction();
}
list($hashStr, $imgKey) = explode('_', $imageId);
if (!$hashStr) {
return $this->noContentAction();
}
// Fetching the parent hash
$hashDoc = new Unsee_Hash($hashStr);
if (!$hashDoc) {
return $this->noContentAction();
}
// Fetching the image Redis hash
$imgDoc = new Unsee_Image($hashDoc, $imgKey);
if (!$imgDoc) {
return $this->noContentAction();
}
/**
* Restricting image download also means that it has to requested by the page, e.g. no
* direct access. Direct access means no referrer.
*/
if ($hashDoc->no_download && empty($_SERVER['HTTP_REFERER'])) {
return $this->noContentAction();
}
// Fetching ticket list for the hash, it should have a ticket for the requested image
$ticketDoc = new Unsee_Ticket();
// Looks like a gatecrasher, no ticket and image is not allowed to be downloaded directly
if (!$ticketDoc->isAllowed($imgDoc) && $hashDoc->no_download) {
// Delete the ticket
$ticketDoc->invalidate($imgDoc);
return $this->noContentAction();
} else {
// Delete the ticket
$ticketDoc->invalidate($imgDoc);
}
// Watermark viewer's IP if required
if ($hashDoc->watermark_ip && !Unsee_Session::isOwner($hashDoc)) {
$imgDoc->watermark();
}
// Embed comment if required
$hashDoc->comment && $imgDoc->comment($hashDoc->comment);
$this->getResponse()->setHeader('Content-type', $imgDoc->type);
print $imgDoc->getImageContent();
// The hash itself was already outdated for one of the reasons.
if (!$hashDoc->isViewable()) {
// This means the image should not be avaiable, so delete it
$imgDoc->delete();
}
}
