<?
/* dowload.php
* image delivery
*
* @category   API
* @package    bilderbeute
* @author     Gerhard Ziegler
* @copyright  Gerhard Ziegler
* @params
*   ID
*   txid
*   auth_token
*   sig
*   tan
* 
* valid combinations
* 
* 
* TODO:
* 
*  TX-record dwnl/imag/customer/id/note
*  SIGNED REQUESTS only
* 
* NOTE:
* 
* ****************************************************************
* $auth_token is now a session_id. anything only works as long as
* image-server is equal to app-server
* **************************************************************** 
* 
* interesting header types 
* header("Content-Description: File Transfer");
* header("Content-Type: application/force-download");
* header("Content-Disposition: attachment; filename=".basename($file)); 
* 
* 
**/
$ID			=$_REQUEST['ID'];
$txid		=$_REQUEST['txid'];
$tan		=$_REQUEST['tan'];
$sig		=$_REQUEST['sig'];
$auth_token	=$_REQUEST['auth_token'];

include "prolog.inc.php";

if(!$ID){
  header ("Content-Type: text/html");
  echo "Sorry - an error has occured. Cannot deliver Image\n";
  exit;
}
$img=ZA_ContentStore::loadObject($ID);
$img_title=$img->values['title'];
$img_alias=$img->alias;

if(!$img){
  header ("Content-Type: text/html");
  echo "Sorry - an error has occured (bad id). Cannot deliver Image\n";
  exit;
}

if($ID && $sig){
  $signature=md5($ID.$myUser['authKey']);
  #var_dump($myUser);
  if($signature!=$sig){
    # only if someone tries to fake
    header ("Content-Type: text/html");
    echo "Sorry - an error has occured (bad sig). Cannot deliver Image\n";
    exit;
  }
}

require_once ($CMS['sys_path']."/lib/IM_Toolbox.class.php");
header ("Content-Type: image/png");

### HACK
$file=$ZACK->rsrc_Path(null, $ID, false);
$file.='DEFAULT_IMAGES(XL).jpg';

if(!file_exists($file)){
  $file=$ZACK->rsrc_Path(null, $ID, false);
  $file.='__XL_bcX.jpg';
}

$size = getimagesize ($file);
$width=$size[0]; $height= $size[1];

if($myUser['user_constraint_image_size']){
  $scaleX=$myUser['user_constraint_image_size'];
  $nwidth=$scaleX; $nheight=$scaleX*$height/$width;
  if($width<$height) {
    $nheight=$scaleX; $nwidth=(int)($scaleX*$width/$height);
  }
  $width=$nwidth;
  $height=$nheight;
}

# check for existing ORDER, No Scale immediate delivery
if($txid=='sCxYjvBdbpzTenNxoblZX'){
	$itoolbox=new IM_Toolbox($file);
  $itoolbox->newOutputSize((int)$width,(int)$height);  
  $itoolbox->output('jpg', 85, false); 
  exit; 
}

# TAN based download
/*----------------------------------------------------
 * Logik
 * TAN gilt f�r jedes m�gliche Bild
 * ein Bild kann max. dreimal herunter geladen werden
 * aber nur das Bild des 1. downloads
 * -------------------------------------------------*/
if(isset($tan) && isset($ID)){
  if(($tanID=$db->getIDFromAlias($tan)) && $TAN=ZA_ContentStore::loadObject($tanID)){ 
    if($TAN && ($TAN->values['pubStatus']>0 || 
      ($TAN->values['viewCount']<3) && $TAN->values['itemID']==$ID)) { 
      if($img->ownerID == $TAN->ownerID){	     
        header("Cache-Control: no-store, no-cache");
        header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
	      $itoolbox=new IM_Toolbox($file);
        $itoolbox->newOutputSize((int)$width,(int)$height);  
        $itoolbox->output('jpg', 85, false); 
        $txType='dtan';
        $tx=array('txType' => $txType, 'itemType' => 'foto', 'userID' => $TAN->ownerID,
          'itemID' => $ID, 'txID' => $tan, 
          'amount' => 1, 'text'=>$img_title);
        $ZACK->TX($txType, $tx);
        if($TAN->values['pubStatus']>0)$TAN->values['itemID']=$ID;
        $TAN->values['pubStatus']=0;
        $ZACK->obj_store($TAN); 
        $ZACK->db->viewCountAdd($tanID); 
        exit;
      } 
    }
  }
  # tan error must have ocurred
  header ("Content-Type: text/html");
  echo "Sorry - an error has occured. Your TAN is not valid or has expired! \n";
  echo "Please contact the Photographer!";
  exit;
}

/* -----------------------------------------------
 * download if user has *zack_perm_download_hires* 
 * and request is signed
 * ---------------------------------------------*/
if($sig && $ID && $myUser['user_id']){
  if($ZACK->userCanDo('zack_perm_download_hires')){ 
    header("Cache-Control: no-store, no-cache");
    header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
	  $itoolbox=new IM_Toolbox($file);
    $itoolbox->newOutputSize((int)$width,(int)$height);  
    $itoolbox->output('jpg', 85, false);
    # download HIRES
    $txType='dlhi';
    $tx=array('txType' => $txType, 'itemType' => 'foto', 'userID' => $myUser['user_id'],
          'itemID' => $ID, 'txID' => $_SERVER["REMOTE_ADDR"], 
          'amount' => 1, 'text'=>$img_title);
    $ZACK->TX($txType, $tx);
    exit;
  }
}
/* -----------------------------------------------
 * download if auth_token && 
 * user has *zack_perm_download_hires* 
 * ---------------------------------------------*/
if($auth_token && $myUser['groupID']==$img->groupID){
  if($ZACK->userCanDo('zack_perm_download_hires')){ 
    header("Cache-Control: no-store, no-cache");
    header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
	  $itoolbox=new IM_Toolbox($file);
    $itoolbox->newOutputSize((int)$width,(int)$height);  
    $itoolbox->output('jpg', 85, false);
    # download HIRES
    $txType='dlhi';
    $tx=array('txType' => $txType, 'itemType' => 'foto', 'userID' => $myUser['user_id'],
          'itemID' => $ID, 'txID' => $_SERVER["REMOTE_ADDR"], 
          'amount' => 1, 'text'=>$img_title);
    $ZACK->TX($txType, $tx);
    exit;
  }
}

/* -----------------------------------------------
 * delivery of CC-licensed material: 
 * license type: cc:by-nd, cc:by-nc-nd
 * => No Scale, immediate Delivery
 * 
 * ---------------------------------------------*/
 if(isset($ID) && !$txid){
   if($img->values['license']=='cc:by-nc-nd' || $img->values['license']=='cc:by-nd'){ 
      header("Cache-Control: no-store, no-cache");
      header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
      $size = getimagesize ($file);
      $width=$size[0]; $height= $size[1];

	    $itoolbox=new IM_Toolbox($file);
      $itoolbox->newOutputSize((int)$width,(int)$height);  
      $itoolbox->output('jpg', 85, false); 
      $txType='dlhi';
      $tx=array('txType' => $txType, 'itemType' => 'foto', 'userID' => $myUser['user_id'],
          'itemID' => $ID, 'txID' => $_SERVER["REMOTE_ADDR"], 
          'amount' => 1, 'text'=>$img_title );
      $ZACK->TX($txType, $tx);
      exit; 
   }
 } 
  
/* -----------------------------------------------
 * delivery with sales txid
 * check for existing ORDER, No Scale, immediate delivery
 * ---------------------------------------------*/  
 
if($txid)
  if(($TID=$db->getIDFromAlias($txid)) && $order=ZA_ContentStore::loadObject($TID)) 
    if($order && $order->values['payment_status']=='Completed') { 
      header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
	  $itoolbox=new IM_Toolbox($file);
      $itoolbox->newOutputSize((int)$width,(int)$height);  
      $itoolbox->output('jpg', 85, false); 
      exit; 
    }

# download layout
$txType='dlla';
$tx=array('txType' => $txType, 'itemType' => 'foto', 'userID' => $myUser['user_id'],
          'itemID' => $ID, 'txID' => $_SERVER["REMOTE_ADDR"], 
          'amount' => 1, 'text'=>$img_title );
$ZACK->TX($txType, $tx);

$scaleX=$CMS['site-image-layout-size']?$CMS['site-image-layout-size']:640;
$nwidth=$scaleX; $nheight=$scaleX*$height/$width;
if($width<$height) {
  $nheight=$scaleX; $nwidth=(int)($scaleX*$width/$height);
}
$stamp=$_SERVER['DOCUMENT_ROOT']."/img/stamp.png";
$stampV=$_SERVER['DOCUMENT_ROOT']."/img/stampV.png";

$group=$img->values['groupID'];
if(file_exists($_SERVER['DOCUMENT_ROOT']."/img/$group-stamp.png"))
  $stamp=$_SERVER['DOCUMENT_ROOT']."/img/$group-stamp.png";
if(file_exists($_SERVER['DOCUMENT_ROOT']."/img/$group-stampV.png"))
  $stampV=$_SERVER['DOCUMENT_ROOT']."/img/$group-stampV.png";
  
if($width>$height )$watermark=$stamp;
else $watermark=$stampV;
  
header ("Content-Disposition: filename=${img_alias}_${ID}.jpg;");
$itoolbox=new IM_Toolbox($file);
$itoolbox->newOutputSize((int)$nwidth,(int)$nheight);  
$itoolbox->addWatermark($watermark);  
$itoolbox->output('jpg', 85, false);  
?>