<?php

class Session {

	var $cookie;

	private $db;

	var $level = 0;

	var $cookie_name;

	var $values = array();

	function clean()
		{
			global $config;

			if($config['session']=='1')
				{
					$time = time()-$config['session_time'];
					$ip = encode_ip();
					$ipmax = $config['session_max'];

					$table = $config['session_table'];

					$this->db->connexion();

					$this->db->query("DELETE FROM $table WHERE time < $time AND active = TRUE");

					if($ipmax > 0) $this->db->query("DELETE FROM $table WHERE ip = (SELECT ip FROM $table GROUP BY ip HAVING COUNT(ip) > $ipmax)");

					$this->db->deconnexion();
				}
		}

	function new_cookie()
		{
			global $config;

			if($config['session']=='1')
				{
					$time = time();

					$level = (is_int($this->level) && strlen($this->level) <= 2) ? $this->level : 0 ;

					$sess_cookie = random(256);
					$ip = encode_ip();

					$this->cookie = $sess_cookie;

					$table = $config['session_table'];

					$this->db->connexion();

					$this->db->escape($sess_cookie);

					$this->db->query("INSERT INTO $table(session,time,ip,var,level,active) VALUES(X'$sess_cookie',$time,X'$ip',$level,0,TRUE) ");

					$this->db->deconnexion();

					cookie((empty($this->cookie_name)?$config['session_name']:$this->cookie_name),base64_encode(hexstr($this->cookie)));
				}
		}

    function load()
    	{
    		$this->db = new bdd();

    		$this->clean();

			global $config;

			if($config['session']=='1')
				{
					if(base64_decode(gpc($config['session_name'],'cookie')))
						{
							$cookie = strhex(base64_decode(gpc($config['session_name'],'cookie')));
							$ip = encode_ip();

							$table = $config['session_table'];

							$this->db->connexion();

							$this->db->escape($cookie);

							$query = $this->db->unique_query("SELECT session,level,var FROM $table WHERE session= X'$cookie' AND ip= X'$ip' AND active= TRUE");

							$this->db->deconnexion();

							if($this->db->num_rows == 1)
								{
									$this->cookie = bithex($query['session']);
									$this->level = $query['level'];
									if(!empty($query['var'])) $this->values = unserialize($query['var']);

									$time = time();

									$this->db->connexion();

									$this->db->query("UPDATE $table SET time='$time' WHERE session= X'$cookie'");

									$this->db->deconnexion();

									cookie((empty($this->cookie_name)?$config['session_name']:$this->cookie_name),base64_encode(hexstr($this->cookie)));
								}
							else $this->new_cookie();
						}
					else $this->new_cookie();
				}

    	}

    function put($uid = NULL)
    	{
    		global $config;

			if($config['session']=='1' && !empty($this->cookie))
				{
					$var = serialize($this->values);

					$cookie = $this->cookie;

                                        $uid = empty($uid) ? '0' : md5($uid);

					$level = (is_int($this->level) && strlen($this->level) <= 2) ? $this->level : 0 ;

					$table = $config['session_table'];

					$this->db->connexion();

					$this->db->escape($var);

					if($uid != '0') $this->db->query("DELETE FROM $table WHERE uid = X'$uid' AND session != X'$cookie' AND active = TRUE");

					$this->db->query("UPDATE $table SET var='$var', level='$level', uid= X'$uid'  WHERE session= X'$cookie'");

					$this->db->deconnexion();
				}
    	}

    function close()
    	{
    		global $config;

    		if($config['session']=='1' && !empty($this->cookie))
    			{
					$cookie = $this->cookie;

					$table = $config['session_table'];

					$this->db->connexion();

					$this->db->query("DELETE FROM $table WHERE session = X'$cookie' AND active = TRUE");

					$this->db->deconnexion();

					cookie((empty($this->cookie_name)?$config['session_name']:$this->cookie_name),'',time()-3600);

					$this->values = array();
					$this->level = 0;
    			}
    	}
}
?>