<?php

/**
 * PDO Session Handler
 * @author Daniel15 <dan.cx>
 *
 * modificata da carlo@chierotti.net
 * per gestire la scadenza della sessione
 *
 * testata in PHP53, se si passa a PHP54 si potrebbe utilizzare
 * http://php.net/manual/en/class.sessionhandlerinterface.php
 */

/*
CREATE TABLE `sessions` (
  `id` varchar(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
  `last_activity` int(10) unsigned DEFAULT NULL,
  `expiration` int(10) unsigned DEFAULT NULL,
  `data` text CHARACTER SET utf8 COLLATE utf8_bin,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
*/

abstract class PDOSession
{
    /**
     * handler al db
     * @var object
     */
    private static $db;

    /**
     * numero di secondi di inattività dopo di cui la sessione scade
     * @var integer
     */
    private static $secondsToLive = 28800; // 60 secondi * 60 minuti * 8 ore

    /**
     * numero di secondi dopo i quali il garbage collect elimina la sessione
     * @var integer
     */
    private static $secondsToGC = 86400; // 60 secondi * 60 minuti * 24 ore

    /**
     * Initialise the PDO session handler
     * @param PDO PDO instance to use for database
     */
    public static function init(PDO $db)
    {
        self::$db = $db;
        // Add the session handlers
        session_set_save_handler(
            'PDOSession::open',
            'PDOSession::close',
            'PDOSession::read',
            'PDOSession::write',
            'PDOSession::destroy',
            'PDOSession::garbageCollect'
        );
        session_start();
    }

    /**
     * Session open handler
     * @param string Path to save session to
     * @param string Name of the session
     */
    public static function open($save_path, $session_name)
    {
        // Nothing
        return true;
    }

    /**
     * Session close handler
     */
    public static function close()
    {
        // Nothing
        return true;
    }

    /**
     * Session load handler. Load the session
     * @param string Session ID
     */
    public static function read($session_id)
    {
        $executionTime = time();

        // Load the session data from the database
        $query = self::$db->prepare('
            SELECT data, last_activity, expiration
            FROM sessions
            WHERE id = :session_id');

        $query->execute(array(':session_id' => $session_id));

        $session = $query->fetch();

        $sessionData = $session['data'];
        $lastActivity = $session['last_activity'];
        $expirationTime = $session['expiration'];

        if ($expirationTime > 0 && $expirationTime < time()) {
            // equivalente a $_SESSION['STATUS'] = 'expired'
            return $sessionData .'STATUS|s:7:"expired"';
        } else {
            return $sessionData;
        }

    }

    /**
     * Session save handler. Save the session
     * @param string Session ID
     * @param string Data to save to session
     */
    public static function write($session_id, $data)
    {
        $expiration = time() + self::$secondsToLive;

        /* Try to update the existing session. If we can't find one, then create a new one. If you
         * are using MySQL, this can be done in a single INSERT statment via
         * INSERT ... ON DUPLICATE KEY UPDATE.
         *
         * See http://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html
         */

        self::$db
            ->prepare('
                INSERT INTO sessions
                    (id, data, last_activity, expiration)
                VALUES
                    (:session_id, :data, :last_activity, :expiration)
                ON DUPLICATE KEY UPDATE
                    data = :data,
                    last_activity = :last_activity,
                    expiration = :expiration')
            ->execute(array(
                ':session_id' => $session_id,
                ':data' => $data,
                ':last_activity' => time(),
                ':expiration' => $expiration)
            );
    }

    /**
     * Session delete handler. Delete the session from the database
     * @param string Session ID
     */
    public static function destroy($session_id)
    {
        self::$db
            ->prepare('
                DELETE FROM sessions
                WHERE id = :session_id')
            ->execute(array(':session_id' => $session_id));
    }

    /**
     * Session garbage collector. Delete any old expired sessions
     */
    public static function garbageCollect()
    {
        self::$db
            ->prepare('
                DELETE FROM sessions
                WHERE last_activity < :min_time')
            ->execute(array(':min_time' => time() - self::$secondsToGC));
    }
}
?>