Limit album/tag downloading on a user basis.

This removes the limit of downloading albums only; tags are fine, too.

Now using UserFacingException for certain exceptions, as these are
displayed to the user.

Removing the inheritance of HTMLController, as we intend to output binary
data only.

controllers/Download.php

@@ -6,7 +6,7 @@
  * Kabuki CMS (C) 2013-2019, Aaron van Geffen
  *****************************************************************************/
 
-class Download extends HTMLController
+class Download
 {
 	public function __construct()
 	{
@@ -15,38 +15,18 @@ class Download extends HTMLController
 		if (!$user->isLoggedIn())
 			throw new NotAllowedException();
 
-		if(!isset($_GET['tag']))
+		if (!isset($_GET['tag']))
-			throw new UnexpectedValueException('Must specify an album to download');
+			throw new UserFacingException('No album or tag has been specified for download.');
 
 		$tag = (int)$_GET['tag'];
 		$album = Tag::fromId($tag);
 
-		if($album->kind !== 'Album')
+		if (isset($_SESSION['current_export']))
-			throw new UnexpectedValueException('Specified tag does not correspond to an album');
+			throw new UserFacingException('An export of "' . $tag->tag . '" is ongoing. Please try again later.');
 
-		//Yes TOCTOU but it does not need to be perfect.
+		// So far so good?
-		$lock_file = join('/', [sys_get_temp_dir(), 'pics-export.lock']);
+		$this->exportAlbum($album);
-		if(!file_exists($lock_file))
+		exit;
-		{
-			try
-			{
-				$fp = fopen($lock_file, 'x');
-
-				if(!$fp)
-					throw new UnexpectedValueException('Could not open lock-file');
-
-				$this->exportAlbum($album);
-			}
-			finally
-			{
-				fclose($fp);
-				unlink($lock_file);
-			}
-		}
-		else
-			throw new UnexpectedValueException('Another export is busy, please try again later');
-
-		exit();
 	}
 
 	private function exportAlbum($album)