示例#1
0
 /**
  * Action that handles image requests
  */
 public function imageAction()
 {
     // We would just print out the image, no need for the renderer
     $this->_helper->layout()->disableLayout();
     $this->_helper->viewRenderer->setNoRender(true);
     // Getting request params
     $imageId = $this->getParam('id');
     $ticket = $this->getParam('ticket');
     $time = $this->getParam('time');
     // Dropping request if params are not right or the image is too old
     if (!$imageId || !$ticket || !$time || $time < time()) {
         return $this->noContentAction();
     }
     list($hashStr, $imgKey) = explode('_', $imageId);
     if (!$hashStr) {
         return $this->noContentAction();
     }
     // Fetching the parent hash
     $hashDoc = new Unsee_Hash($hashStr);
     if (!$hashDoc) {
         return $this->noContentAction();
     }
     // Fetching the image Redis hash
     $imgDoc = new Unsee_Image($hashDoc, $imgKey);
     if (!$imgDoc) {
         return $this->noContentAction();
     }
     /**
      * Restricting image download also means that it has to requested by the page, e.g. no
      * direct access. Direct access means no referrer.
      */
     if ($hashDoc->no_download && empty($_SERVER['HTTP_REFERER'])) {
         return $this->noContentAction();
     }
     // Fetching ticket list for the hash, it should have a ticket for the requested image
     $ticketDoc = new Unsee_Ticket();
     // Looks like a gatecrasher, no ticket and image is not allowed to be downloaded directly
     if (!$ticketDoc->isAllowed($imgDoc) && $hashDoc->no_download) {
         // Delete the ticket
         $ticketDoc->invalidate($imgDoc);
         return $this->noContentAction();
     } else {
         // Delete the ticket
         $ticketDoc->invalidate($imgDoc);
     }
     // Watermark viewer's IP if required
     if ($hashDoc->watermark_ip && !Unsee_Session::isOwner($hashDoc)) {
         $imgDoc->watermark();
     }
     // Embed comment if required
     $hashDoc->comment && $imgDoc->comment($hashDoc->comment);
     $this->getResponse()->setHeader('Content-type', $imgDoc->type);
     print $imgDoc->getImageContent();
     // The hash itself was already outdated for one of the reasons.
     if (!$hashDoc->isViewable()) {
         // This means the image should not be avaiable, so delete it
         $imgDoc->delete();
     }
 }
示例#2
0
 /**
  * Controller to handle file upload form
  * @throws Exception
  */
 public function indexAction()
 {
     $response = new stdClass();
     try {
         $upload = new Zend_File_Transfer();
     } catch (Exception $e) {
         $response->error = $e->getMessage();
         $this->_helper->json->sendJson($response);
     }
     $upload->addValidator('Count', false, array('min' => 1, 'max' => 100));
     $upload->addValidator('IsImage', false);
     $upload->addValidator('Size', false, array('max' => '10MB', 'bytestring' => false));
     $translate = Zend_Registry::get('Zend_Translate');
     $updating = false;
     try {
         if (!$upload->receive()) {
             throw new Exception($translate->translate('error_uploading'));
         } else {
             $files = $upload->getFileInfo();
             // Updating hash with new images
             if (!empty($_POST['hash']) && Unsee_Hash::isValid($_POST['hash'])) {
                 $hashDoc = new Unsee_Hash($_POST['hash']);
                 $updating = true;
                 $response = array();
                 if (!Unsee_Session::isOwner($hashDoc) && !$hashDoc->allow_anonymous_images) {
                     die('[]');
                 }
             } else {
                 // Creating a new hash
                 $hashDoc = new Unsee_Hash();
                 $this->setExpiration($hashDoc);
                 $response->hash = $hashDoc->key;
             }
             $imageAdded = false;
             foreach ($files as $file => $info) {
                 if ($upload->isUploaded($file)) {
                     $imgDoc = new Unsee_Image($hashDoc);
                     $res = $imgDoc->setFile($info['tmp_name']);
                     $imgDoc->setSecureParams();
                     //hack to populate correct secureTtd
                     if ($updating) {
                         $ticket = new Unsee_Ticket();
                         $ticket->issue($imgDoc);
                         $newImg = new stdClass();
                         $newImg->hashKey = $hashDoc->key;
                         $newImg->key = $imgDoc->key;
                         $newImg->src = '/image/' . $imgDoc->key . '/' . $imgDoc->secureMd5 . '/' . $imgDoc->secureTtd . '/';
                         $newImg->width = $imgDoc->width;
                         $newImg->ticket = md5(Unsee_Session::getCurrent() . $hashDoc->key);
                         $response[] = $newImg;
                     }
                     if ($res) {
                         $imageAdded = true;
                     }
                     // Remove uploaded file from temporary dir if it wasn't removed
                     if (file_exists($info['tmp_name'])) {
                         @unlink($info['tmp_name']);
                     }
                 }
             }
             if (!$imageAdded) {
                 throw new Exception('No images were added');
             }
         }
     } catch (Exception $e) {
         $response->error = $e->getMessage();
     }
     $this->_helper->json->sendJson($response);
 }