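package DB_Session;

use strict;
use warnings;
use DB_Functions;

# Database-backed session object.
#
# The object is a blessed hash with the properties
#   {SID}          : session ID
#   {STIME}        : timestamp of the session
#   {$par} = $wert : session parameter = value of the parameter
#
# Session parameters are stored in the column sessions.session_act as
# "key:value;key:value".
#
# NOTE(review): every statement below is assembled by string interpolation
# because the signature of DB_Query() is not visible from this file. All
# interpolated values are therefore validated first. If DB_Functions can
# pass bind values or exposes the DBI handle, placeholders (or
# $dbh->quote) are the more robust fix.

# Length and alphabet of a session ID (64 characters, so one random byte
# maps onto the alphabet without bias).
my $SID_LENGTH   = 16;
my @SID_ALPHABET = split //,
    'aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ0123456789-_';

# Sessions older than this many seconds are deleted on every _init().
my $SESSION_LIFETIME = 1800;

# Object constructor.
#   $SID (optional): session ID supplied by the caller. Anything that is
#   not exactly 16 characters from the session alphabet is discarded and
#   replaced by a freshly generated ID.
# Returns the blessed session object.
sub new {
    my $Objekt = shift;
    my $SID    = shift;

    # The original test used the numeric operator "!=" instead of "!~",
    # so the pattern was never applied to $SID and arbitrary text reached
    # the SQL statements in _init().
    if ( !_is_valid_SID($SID) ) {
        $SID = _create_SID();
    }

    my $Referenz = {};
    bless( $Referenz, $Objekt );
    $Referenz->_init($SID);
    return $Referenz;
}

# Internal sub: true (1) when $SID is a well-formed session ID, else 0.
# \A and \z are used so that a trailing newline is not accepted.
sub _is_valid_SID {
    my $SID = shift;
    return 0 if !defined $SID || ref $SID;
    return $SID =~ /\A[a-zA-Z0-9_-]{16}\z/ ? 1 : 0;
}

# Internal sub: true when $schl can be stored as a parameter name.
# ';' and ':' are the separators of the storage format, "'" and "\" would
# break out of the quoted SQL literal, and SID/STIME are object properties
# that must not be overwritten through the parameter interface.
sub _is_storable_key {
    my $schl = shift;
    return 0 if !defined $schl || $schl eq '';
    return 0 if $schl eq 'SID' || $schl eq 'STIME';
    return $schl =~ /[;:'\\]/ ? 0 : 1;
}

# Internal sub: true when $wert can be stored as a parameter value.
# A ';' inside a value would be read back as an additional parameter;
# "'" and "\" would break out of the quoted SQL literal. undef is stored
# as the empty string.
sub _is_storable_value {
    my $wert = shift;
    return 1 if !defined $wert;
    return $wert =~ /[;'\\]/ ? 0 : 1;
}

# Internal sub to initialise the session: deletes expired rows, then loads
# the row for $SID or inserts a new one, and fills the object from it.
# Dies when $SID is malformed or when more than one row matches.
sub _init {
    my $Objekt = shift;
    my $SID    = shift;

    # Defence in depth: $SID is interpolated into SQL below.
    die("Invalid session ID") if !_is_valid_SID($SID);

    my $para = '';
    my $time = time();
    my $akt  = $time - $SESSION_LIFETIME;

    DB_Connect();
    DB_Query("DELETE FROM sessions WHERE session_time < $akt");
    my $stm = DB_Query("SELECT session_id,session_time,session_act FROM sessions WHERE session_id = '$SID'");
    my $rows = $stm->rows;

    if ( $rows == 0 ) {
        # NOTE(review): a well-formed ID that is not in the table is
        # adopted as a new session, so the ID of a new session can be
        # chosen by whoever supplies it. Issuing a fresh ID here would
        # avoid that, but callers would have to pick up the changed {SID};
        # confirm against the callers before changing it.
        DB_Query("INSERT INTO sessions SET session_id='$SID',session_time=$time,session_act='$para'");
    }
    elsif ( $rows > 1 ) {
        DB_Close();
        die("Zu viele Sessions");
    }
    else {
        while ( my @row = $stm->fetchrow_array() ) {
            ( $SID, $time, $para ) = @row[ 0 .. 2 ];
        }
    }
    $stm->finish();
    DB_Close();

    $Objekt->{SID}   = $SID;
    $Objekt->{STIME} = $time;

    if ( defined $para && $para ne '' ) {
        foreach my $paar ( split( /;/, $para ) ) {
            # Limit 2 keeps a ':' inside the value intact.
            my ( $schl, $wert ) = split( /:/, $paar, 2 );
            next if !defined $schl || $schl eq '';

            # Stored data must never replace the object's own properties.
            next if $schl eq 'SID' || $schl eq 'STIME';
            $Objekt->{$schl} = $wert;
        }
    }
}

# Internal sub: returns $count bytes read from /dev/urandom, or undef when
# the device cannot be opened or returns fewer bytes.
sub _random_bytes {
    my $count = shift;
    my $bytes = '';

    open( my $fh, '<', '/dev/urandom' ) or return;
    binmode($fh);
    my $got = read( $fh, $bytes, $count );
    close($fh);

    return if !defined $got || $got != $count;
    return $bytes;
}

# Internal sub to create the session ID (16 characters from the session
# alphabet). The alphabet comes from the original scheme, credited to
# Christian Kruse of the Selfhtml team.
#
# The original derived the first 12 characters from HTTP_X_FORWARDED_FOR /
# REMOTE_ADDR and drew only the last 4 from rand(), which left most of the
# ID determined by the client address. All 16 characters are random now.
sub _create_SID {
    my $id    = '';
    my $bytes = _random_bytes($SID_LENGTH);

    if ( defined $bytes ) {
        $id .= $SID_ALPHABET[ ord($_) % scalar(@SID_ALPHABET) ]
            foreach split //, $bytes;
    }
    else {
        # NOTE(review): fallback for platforms without /dev/urandom.
        # rand() is not a cryptographic generator; replace it if such a
        # platform is actually in use.
        $id .= $SID_ALPHABET[ rand @SID_ALPHABET ] for 1 .. $SID_LENGTH;
    }
    return $id;
}

# Sets the session parameter $schl to $wert and writes all parameters back
# to the database. Dies when the name or the value cannot be stored safely
# (see _is_storable_key / _is_storable_value); the object is not modified
# in that case.
sub set_param {
    my $Objekt = shift;
    my $schl   = shift;
    my $wert   = shift;

    die("Invalid session parameter name")  if !_is_storable_key($schl);
    die("Invalid session parameter value") if !_is_storable_value($wert);

    $Objekt->{$schl} = $wert;
    $Objekt->_update();
}

# Returns the value stored under $schl, or undef when the entry is missing
# or false (so a stored '0' or '' also yields undef, as before).
sub get_param {
    my $Objekt = shift;
    my $schl   = shift;

    return $Objekt->{$schl} if $Objekt->{$schl};
    return undef;
}

# Internal sub: serialises every entry except SID and STIME and writes the
# result to sessions.session_act for this session. Dies when the session
# ID or any entry is not safe to interpolate into the statement.
sub _update {
    my $Objekt = shift;

    die("Invalid session ID") if !_is_valid_SID( $Objekt->{SID} );

    my @paare;
    foreach my $schl ( keys %{$Objekt} ) {
        next if $schl eq 'SID' or $schl eq 'STIME';
        my $wert = defined $Objekt->{$schl} ? $Objekt->{$schl} : '';

        # Entries may have been set without set_param(), so check again
        # at the point where they are written into the statement.
        die("Invalid session parameter name")  if !_is_storable_key($schl);
        die("Invalid session parameter value") if !_is_storable_value($wert);
        push @paare, "$schl:$wert";
    }
    my $params = join( ';', @paare );

    DB_Connect();
    DB_Query("UPDATE sessions SET session_act='$params' WHERE session_id = '$Objekt->{SID}'");
    DB_Close();
}

# Deletes this session's row from the database. Dies when {SID} is not a
# well-formed session ID.
sub s_destroy {
    my $Objekt = shift;

    die("Invalid session ID") if !_is_valid_SID( $Objekt->{SID} );

    DB_Connect();
    DB_Query("DELETE FROM sessions WHERE session_id = '$Objekt->{SID}'");
    DB_Close();
}

1;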