<?php
/** \file include\session.php
 *  \brief DI webinterface session functions
 *  \author Rob Schalken, Core|Vision
 *  \version 1.0
 *  \date 17-10-2008
 *
 * This file contains the session functions.
 */

/*
 * Required pages
 */
require_once("db.php");


/*
 * Function called when session started
 */
function on_session_start($save_path, $session_name)
{
    GLOBAL $_PAGE_INFO;

    // Setup database connection
    db_connect("default", "session");
}


/*
 * Function called when session ends
 */
function on_session_end()
{
}


/*
 * Function called when session read
 */
function on_session_read($key)
{
    GLOBAL $_PAGE_INFO;

    // Intial values
    $result = "";

    // Find session info
    $query = "SELECT data FROM session WHERE id ='" . $key . "' ";
    $query .= "AND expiration > unix_timestamp(now())";

    // Execute query
    $row = db_fetch_data($query, "session");

    if (!empty($row)) {
        $result = $row[0]['data'];
    }

    // Return result
    return $result;
}


/*
 * Function called when session write
 */
function on_session_write($key, $val)
{
    GLOBAL $_PAGE_INFO;

    // Read only session?
    if (!isset($_PAGE_INFO['session_read_only'])) {
        $nr_hours = ((is_dev("RS3000")) || (is_dev("APP"))) ? 8 : 1;

        // Update/insert new session info
        $query = "REPLACE INTO session (id, data, expiration) VALUES('" . $key . "', ";
        $query .= "'" . addslashes($val) . "',unix_timestamp(date_add(now(), interval " . $nr_hours . " hour)))";
        db_store_data($query, "session");

        // Commit transaction
        db_store_data("COMMIT", "session");
    }
}


/*
 * Function called when session destroyed
 */
function on_session_destroy($key)
{
}


/*
 * Function called when session garbage collector is active
 */
function on_session_gc($max_lifetime)
{
    // Debug info
    DBG("Session garbage collector start");

    // Setup connection with the database
    db_connect("default", "session");

    // Find unused session info, limit to 10 sessions at a time to prevent slow page loads
    $sessions = db_fetch_data("SELECT id FROM session WHERE expiration < unix_timestamp(now()) LIMIT 10", "session");

    if (is_array($sessions)) {
        // Start transaction
        db_store_data("START TRANSACTION", "session");

        foreach ($sessions as $session) {
            // Remove old sessions (Garbage collector functionality)
            db_store_data("DELETE FROM session WHERE id='" . $session['id'] . "'", "session");
        }

        // Commit transaction
        db_store_data("COMMIT", "session");
    }

    // Debug info
    DBG("Session garbage collector");
}


/*
 *  Create unique session id
 */
function UniqSessionId()
{
    do {
        $id = uniqid("");
    } while (is_array($_SESSION[$id]));

    return $id;
}


/*
 *  Stop session, only needed for non-readonly session
 */
function SessionStop()
{
    // Valid session?
    if (strlen(session_id())) {
        // Unlock session
        session_write_close();
    }
}


/*
 *  Start session
 */
function SessionStart($session_id = "", $skip_checks = FALSE)
{
    GLOBAL $_PAGE_INFO;

    // Initial values
    $SaveSession = FALSE;

    // Use $_GET or other session id?
    $_PAGE_INFO['id'] = (strlen($session_id)) ? $session_id : $_GET['id'];

    // Register session handle (Called here because of php bug)
    session_set_save_handler("on_session_start",
        "on_session_end",
        "on_session_read",
        "on_session_write",
        "on_session_destroy",
        "on_session_gc");

    // Start session
    session_start();

    // Skip new_id checks??
    if (!$skip_checks) {
        // Skip extended menu
        if ((isset($_PAGE_INFO['id'])) && (strlen($_PAGE_INFO['id']))) {
            // New session?
            if (isset($_GET['new_id'])) {
                // Store old session id
                $_PAGE_INFO['old_id'] = $_PAGE_INFO['id'];

                // Copy original session info
                $_SESSION[$_GET['new_id']] = $_SESSION[$_PAGE_INFO['id']];

                // Store main id
                $_SESSION[$_GET['new_id']]['main_id'] = $_PAGE_INFO['id'];

                // Set global id
                $_PAGE_INFO['id'] = $_GET['new_id'];

                // Extended menu?
                if ($_GET['extended_menu']) {
                    $_SESSION[$_PAGE_INFO['id']]['extended_menu'] = $_GET['extended_menu'];
                }

                // Store original id => Needed for support portal
                if (!isset($_SESSION[$_PAGE_INFO['id']]['original_id'])) {
                    $_SESSION[$_PAGE_INFO['id']]['original_id'] = $_SESSION[$_GET['new_id']]['main_id'];
                }

                // Store session info
                $SaveSession = TRUE;
            } // Renew session => Duplicate session info
            else if (isset($_GET['renew'])) {
                // Store old session id
                $_PAGE_INFO['old_id'] = $_PAGE_INFO['id'];

                // Get new session id
                $_PAGE_INFO['id'] = UniqSessionId();

                // Copy old data to new array
                $_SESSION[$_PAGE_INFO['id']] = $_SESSION[$_PAGE_INFO['old_id']];

                // Store original id => Needed for support portal
                if (!isset($_SESSION[$_PAGE_INFO['id']]['original_id'])) {
                    $_SESSION[$_PAGE_INFO['id']]['original_id'] = $_PAGE_INFO['old_id'];
                }

                // extended menu id available?
                if (isset($_SESSION[$_PAGE_INFO['id']]['extended_menu_id'])) {
                    // Store old extended menu session id
                    $old_extended_menu_id = $_SESSION[$_PAGE_INFO['id']]['extended_menu_id'];

                    // Generate new id
                    $_SESSION[$_PAGE_INFO['id']]['extended_menu_id'] = UniqSessionId();

                    // Copy old data to new array
                    $_SESSION[$_SESSION[$_PAGE_INFO['id']]['extended_menu_id']] = $_SESSION[$old_extended_menu_id];
                }

                // Store session info
                $SaveSession = TRUE;
            }
        } else {
            // Generate new id
            $_PAGE_INFO['id'] = UniqSessionId();
        }

        // Update timestamp (needed for online tooling)
        $_SESSION[$_PAGE_INFO['id']]['last_access'] = time();

        // Store session in between?
        if ($SaveSession) {
            // Update global variables => Otherwhise the user logged in will be unknown!!
            UpdateGlobals();

            // Log action in db
            db_log_user("login", "original_session_id: " . session_id() . "_" . $_PAGE_INFO['old_id']);

            // Remove previous user log
            if (isset($_GET['user_log_id'])) {
                $user_log_entry = db_fetch_user_log(NULL, $_GET['user_log_id']);
                if (is_array($user_log_entry)) {
                    if ($user_log_entry[0]['session_id'] == (session_id() . "_" . $_PAGE_INFO['old_id'])) {
                        // Delete user_log_id => We detected to late that this was a new session
                        db_delete_user_log(NULL, $_GET['user_log_id']);
                    }
                }
            }

            // Remove history!
            unset($_SESSION[$_PAGE_INFO['id']]['href_history_prev']);
            unset($_SESSION[$_PAGE_INFO['id']]['href_history']);

            // "Stop" session => store new session info => Needed for fetch_info user_rights check!!
            // Otherwhise we got a logout!
            SessionStop();

            // Restart session
            SessionStart($_PAGE_INFO['id'], TRUE);
        }
    }

    // Session expired?
    if (!isset($_PAGE_INFO['session_read_only'])) {
        if (is_array($_SESSION)) {
            // Store session info
            $tmp = $_SESSION;

            foreach ($tmp as $session_identifier => $session_value) {
                // Skip this session
                if ($session_identifier != $_PAGE_INFO['id']) {
                    // Skip extended menu
                    if ((isset($_SESSION[$session_identifier]['last_access'])) && (!isset($_SESSION[$session_identifier]['extended_menu']))) {
                        // Expired? 1 minute?
                        if (abs(time() - $_SESSION[$session_identifier]['last_access']) > 60) {
                            // Extended menu avaiable
                            if (isset($_SESSION[$session_identifier]['extended_menu_id'])) {
                                // remove session
                                unset($_SESSION[$_SESSION[$session_identifier]['extended_menu_id']]);

                                // Debug info
                                Dbg("SESSION removed: " . $_SESSION[$session_identifier]['extended_menu_id'] . " (extended menu)");
                            }

                            // remove session
                            unset($_SESSION[$session_identifier]);

                            // Debug info
                            Dbg("SESSION removed: " . $session_identifier . ", PAGE_INFO['id']: " . $_PAGE_INFO['id'] . ", GET['id']: " . $_GET['id']);
                        }
                    }
                }
            }
        }
    }
}


/*
 * Call Start of session
 */
SessionStart();
?>