<?php
/*************************************************************************\
||=======================================================================||
||                                                                       ||
||  Session Module                                                       ||
||                                                                       ||
||  Written by: Alex Honeywell                                           ||
||    Website: http://www.seigousei.net                                  ||
||  Last Updated: 14/04/06                                               ||
||                                                                       ||
||=======================================================================||
\*************************************************************************/

// Changes since last version
/* 1.1 */
# Added - Password salt support

define( "session_VERSION", 1.0 );

class session 
{
    var $remember;

    function _open( $save_path, $session_name )
    { 
        global $bin, $db;
        return true; 
    } 
    function _close()
    {
        return true; 
    } 

    function _read( $id )
    { 
        global $bin, $db;

        $row = $db->mysql->fetch( mysql_query( "SELECT `id` FROM `sessions` WHERE `id` = '". $id ."' AND `expire` > UNIX_TIMESTAMP();" ) );
        if ( isset( $row->id ) )
        {
            $s = $row->id;
            if ( $this->eatCookie( "_r" ) )
            {
                $s = $this->eatCookie( "_r" );
                $this->bakeCookie( $this->eatCookie( "_r" ), "_r", 60*60*24*$bin->conf['remember_length'] );
            }
            $this->bakeCookie( $s, "_s", 60*15 );
            return $row->id;
        }
        
        return false;
    } 

    function _write( $key, $val )
    { 
        global $bin, $db, $s_cookie;
        $db->mysql->connect();
        $onlinec = "";
        $onlinev = "";
        if ( $bin->online )
        {
            $onlinec = ",`guest`,`user_id`";
            $onlinev = ",'0','".$bin->USER['id']."'";
        }

        $query = mysql_query( sprintf( "UPDATE `sessions` SET `id` = '%s', `data` = '%s', `expire` = '%d', `ip` = '%s', `lastclick` = '%s', `lctime` = '%d', `useragent` = '%s' WHERE `id` = '%s';",
            $key, $val, time()+60*15, $_SERVER['REMOTE_ADDR'], $_SERVER['QUERY_STRING'], time(), $_SERVER['HTTP_USER_AGENT'], $key
        ) );
        if ( !$query )
        {
            if ( $bin->online )
            {
                $checkdupe = mysql_query("SELECT * FROM `sessions` WHERE `id` = '".$bin->USER['id']."';");
                if ( $db->mysql->count($checkdupe) > 0 )
                    while ( $dupe = $db->mysql->fetch($checkdupe) )
                        mysql_query("DELETE FROM `sessions` WHERE `id` = '".$dupe->id."' LIMIT 1;");
            }
            else
            {
                $query = mysql_query( sprintf( "INSERT INTO `sessions` (`id`,`data`,`expire`,`ip`,`lastclick`,`lctime`,`useragent`%s) VALUES ('%s','%s','%d','%s','%s','%d','%s'%s);",
                    $onlinec, $key, $val, time()+60*15, $_SERVER['REMOTE_ADDR'], $_SERVER['QUERY_STRING'], time(), $_SERVER['HTTP_USER_AGENT'], $onlinev
                ) );
            }
        }
        return $query; 
    } 
    function _destroy($id)
    { 
        global $bin, $db; 
        $db->mysql->connect();
        $query = mysql_query("DELETE FROM `sessions` WHERE `id` = '".$id."';");
        $this->burnCookie( "_r" );
        $this->burnCookie( "_s" );
        $bin->online = false;
        return $query; 
    } 
    function _gc($maxlifetime)
    {
        global $bin, $db; 
        $db->mysql->connect();
        $query = mysql_query("DELETE FROM `sessions` WHERE `expire` < UNIX_TIMESTAMP();");
        return $query; 
    }
    function restore()
    {
        global $bin, $db;

        $db->mysql->connect();
        if ( $this->eatCookie( "_r" ) || $this->eatCookie( "_s" ) )
        {
            if ( $this->eatCookie( "_r" ) )
                $cookie = $this->eatCookie( "_r" );
            else
                $cookie = $this->eatCookie( "_s" );
                
            $row = $db->mysql->fetch( mysql_query( "SELECT `id`, `active`, `cookie`, `lastvisit` FROM `users` WHERE `cookie` = '". $cookie ."' LIMIT 1;" ) );
            if ( !isset( $row->id ) )
            {
                $this->burnCookie( "_r" );
                $this->burnCookie( "_t" );
            }
            else
            {
                if ( $row->active == -1 )
                    $bin->kill( $bin->lang['core']['active'] );
                else
                {
                    $this->createUser( $row->cookie );
                    $bin->USER['lastvisit'] = $row->lastvisit;
                    if ( $this->eatCookie( "_r" ) )
                        $this->bakeCookie( $row->cookie, "_r", 60*60*24*$bin->conf['remember_length'] );
                    $this->bakeCookie( $row->cookie, "_s", 60*15 );
                }
            }
        }
    }
    function newVisit()
    {
        global $bin, $db;
        mysql_query( "UPDATE `users` SET `lastvisit` = '".time()."' WHERE `id` = '".$bin->USER['id']."' LIMIT 1;" );
        if ( $bin->online )
            $this->bakeCookie( $bin->USER['cookie'], "_s", 60*15 );
        else
            $this->bakeCookie( session_id(), "_s", 60*15 );
    }
    function createGuest()
    {
        global $bin, $db;
        $bin->USER['lastvisit']  = time()-(60*60*24);
    }
    function createUser( $cookie )
    {
        global $bin, $db;
        $row = $db->mysql->fetch( mysql_query( "SELECT * FROM `users` WHERE `cookie` = '". $cookie ."'  LIMIT 1;" ) );

        mysql_query( "UPDATE `users` SET `lastloggedip` = '". $_SERVER['REMOTE_ADDR'] ."' WHERE `cookie` = '". $cookie ."' LIMIT 1;");
        $query = mysql_query( sprintf( "UPDATE `sessions` SET `ip` = '%s', `lastclick` = '%s', `lctime` = '%d', `useragent` = '%s' WHERE `id` = '%s';",
            $_SERVER['REMOTE_ADDR'], $_SERVER['QUERY_STRING'], time(), $_SERVER['HTTP_USER_AGENT'], session_id()
        ) );

        $bin->USER['cookie']    = $row->cookie;
        $bin->USER['id']        = $row->id;
        $bin->USER['level']     = $row->level;
        $bin->USER['email']     = $row->email;
        $bin->USER['data']      = $row->data;
        $bin->online = true;
    }
    function burnCookie( $name = "" )
    {
        global $bin;
        $name = $bin->conf['cookie_name'].$name;
        setcookie( $name, "", time()-3600, $bin->conf['cookie_path'], $bin->conf['cookie_domain'] );
    }
    function bakeCookie( $value = "", $name = "", $expire = 0 )
    {
        global $bin;

        $name = $bin->conf['cookie_name'].$name;
        $expire = time()+$expire;
            
        setcookie( $name, $value, $expire, $bin->conf['cookie_path'], $bin->conf['cookie_domain'] );
    }
    function eatCookie($name = "")
    {
        global $bin;        
        $name = $bin->conf['cookie_name'].$name;

        if ( isset( $bin->COOKIE[$name] ) )
            return $bin->COOKIE[$name];
        
        return false;
    }
    function makePassword( $password, $salt = "" )
    {
        global $bin;
        
        if ( $bin->conf['password_salt'] )
        {
            if ( empty( $salt ) )
            {
                $salt = $bin->func->generateRandom( 32 );
                return array( md5( $password . $salt ), $salt );
            }
            else
                $password .= $salt;
        }
            
        return md5( $password );
    }
    function cookie( $name, $pass )
    {
        return sha1( md5( sha1 ( strtolower( $name ) ) ) . sha1( $pass ) );
    }
    function getLevel( $level )
    {
        global $bin;

        if ( $bin->online && $bin->USER['level'] == $level )
            return true;
        
        return false;
    }
    function getLevelSign( $level )
    {
        global $bin;

        return $bin->conf['levels']{$level};
    }

}
?>