<?php

session_start();

require_once("Database.class.php");
require_once("constants.php");

class Session {
    public static function get_admin_session()
    {
        return Database::escape_string($_SESSION[$GLOBALS["SESSION_ADMIN"]]);
    }

    public static function get_visitor_session()
    {
        return Database::escape_string($_SESSION[$GLOBALS["SESSION_VISITOR"]]);
    }

    public static function generate_id()
    {
        return uniqid(uniqid("", true), true);
    }

    public static function login($user_id)
    {
        $session_id = self::generate_id();
        $expiry = time() + $GLOBALS["SESSION_ADMIN_VALIDITY"];
        $query = "INSERT INTO `user_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $user_id, $expiry);";
        Database::execute_query($query);
        $_SESSION[$GLOBALS["SESSION_ADMIN"]] = $session_id;
        return self::is_logged_in() == $user_id;
    }

    public static function logout()
    {
        $query = "DELETE FROM `admin_sessions` WHERE `session_id` = '" . self::get_admin_session() . "';";
        Database::execute_query($query);
        unset($_SESSION[$GLOBALS["SESSION_ADMIN"]]);
    }

    public static function is_logged_in()
    {
        $query = "SELECT `user_id` FROM `admin_sessions` WHERE `session_id` = '" . self::get_admin_session() . "';";
        $result = Database::execute_query($query);
        if ($result->num_rows == 1) {
            return $result->fetch_assoc()["user_id"];
        }
        return false;
    }

    public static function remember_visitor($visitor_id)
    {
        $session_id = self::generate_id();
        $expiry = time() + $GLOBALS["SESSION_VISITOR_VALIDITY"];
        $query = "INSERT INTO `visitor_sessions` (`session_id`, `user_id`, `expiry`) VALUES ('$session_id', $visitor_id, $expiry);";
        Database::execute_query($query);
        $_SESSION[$GLOBALS["SESSION_VISITOR"]] = $session_id;
        return self::get_visitor() == $visitor_id;
    }

    public static function get_visitor()
    {
        $query = "SELECT `visitor_id` FROM `visitor_sessions` WHERE `session_id` = '" . self::get_visitor_session() . "';";
        $result = Database::execute_query($query);
        if ($result->num_rows == 1) {
            return $result->fetch_assoc()["visitor_id"];
        }
        return false;
    }

    public static function forget_visitor($visitor_id)
    {
        $query = "DELETE FROM `visitor_sessions` WHERE `session_id` = '" . self::get_visitor_session() . "';";
        Database::execute_query($query);
        unset($_SESSION[$GLOBALS["SESSION_VISITOR"]]);
    }
}