<?php
/**
 * Синглтон System_Session - создаёт доменный объект текущего пользователя
 */

class System_Session
{
	private static $oUser = false;
	private static $oUsersMapper;
	private static $oDatabase;

	private static $oInstance = null;

	public static function getInstance($requested_from_loader = false)
	{
		if (is_null(self::$oInstance))
		{
			self::$oInstance = new self();

			self::$oDatabase = System_Database::getInstance('site');

			require_once(System_Settings::getPathRoot().'/system/mappers/users.mysql.mapper.php');
			self::$oUsersMapper = new Users_MySQLMapper(self::$oDatabase);

			if (!self::$oUser)
			{
				self::$oUser = System_Essences::getEssence('Users');
				self::$oUser->setRights(array('guest' => true));
				
				if (isset($_SESSION['user']))
				{
					self::$oUser = self::getSession();
					if (!isset($_COOKIE['userKey']) or ($_COOKIE['userKey'] != self::$oUser->getKey()))
					{
						self::$oUser = System_Essences::getEssence('Users');
						self::$oUser->setRights(array('guest' => true));
					}
				}

				if (self::$oUser->isGuestStatus())
				{
					if (isset($_COOKIE['userKey']) and $_COOKIE['userKey']!='DIE')
					{
						if (self::$oUser = self::$oUsersMapper->findByKey($_COOKIE['userKey']))
						{
							self::$oUser->setRights(self::$oUsersMapper->getRights(self::$oUser));
							self::$oUser->setLastTime(date('Y-m-d H:i:s'));
							
							if (self::$oUser->isBannedStatus()) {
								self::killSession();
							} else {
								self::setSession(self::$oUser);
							}
						}
						else {
							self::killSession();
						}
					}
					else {
						self::login();
					}
				}
				else
				{
					if (!$requested_from_loader)
					{
						if(((time() - strtotime(self::$oUser->getLastTime())) > 300) or self::$oUsersMapper->checkOnNeedUpdate(self::$oUser))
						{
							self::$oUser = self::$oUsersMapper->findById(self::$oUser->getId());
							self::$oUser->setLastIp($_SERVER['REMOTE_ADDR']);
							self::$oUser->setSessionIsOld(null);
							self::$oUser->setRights(self::$oUsersMapper->getRights(self::$oUser));
							if (self::$oUser->isBannedStatus()) {
								self::killSession();
							}
						}
						$old_last_time = self::$oUser->getLastTime();
						self::$oUser->setLastTime(date("Y-m-d H:i:s"));
						self::$oUsersMapper->save(self::$oUser, array('user_last_ip', 'user_last_time', 'user_session_is_old'));
						self::$oUser->setLastTime($old_last_time);
					}
				}
			}
		}
		return self::$oInstance;
	}

	private function __construct(){}

	private function __clone(){}



	public function login()
	{
		if ((isset($_POST['auth_login']) and mb_strlen(trim($_POST['auth_login']), 'UTF-8')) or (isset($_POST['auth_password']) and mb_strlen(trim($_POST['auth_password']), 'UTF-8')))
		{
			if (!isset($_POST['auth_login']) or !mb_strlen(trim($_POST['auth_login']), 'UTF-8')) {
				new System_Error('Вы не указали логин.');
			}
			if (!isset($_POST['auth_password']) or !mb_strlen(trim($_POST['auth_password']), 'UTF-8')) {
				new System_Error('Вы не указали пароль.');
			}

			if (isset($_POST['auth_login']) and mb_strlen(trim($_POST['auth_login']), 'UTF-8') and isset($_POST['auth_password']) and mb_strlen(trim($_POST['auth_password']), 'UTF-8'))
			{
				if ($oUser = self::$oUsersMapper->findByLogin($_POST['auth_login']))
				{
					if ($oUser->getPassword() == md5($_POST['auth_password']))
					{
						$oUser->setRights(self::$oUsersMapper->getRights($oUser));

						if ($oUser->isBannedStatus()) {
							new System_Message('Извините, но ваш аккаунт находится в бан-листе.');
						}
						else
						{
							$user_key = md5($_POST['auth_login'].$_POST['auth_password'].mktime());
							$oUser->setKey($user_key);
							$oUser->setLastIp($_SERVER['REMOTE_ADDR']);
							$oUser->setLastTime(date('Y-m-d H:i:s'));
							$oUser->setSessionIsOld(null);
							self::$oUsersMapper->save($oUser, array('user_key', 'user_last_ip', 'user_last_time', 'user_session_is_old'));
							$cookie_time = (isset($_POST['auth_remember']) and $_POST['auth_remember'] == 'ok') ? time()+(14*24*60*60) : time()+(24*60*60);
							setcookie('userKey', $user_key, $cookie_time, '/', System_Router::getPathCookie());
							self::setSession($oUser);
						}
					}
					else {
						new System_Error('Неверный пароль.');
					}
				}
				else {
					new System_Error('Пользователь с логином <b>'.$_POST['auth_login'].'</b> не найден.');
				}
			}
		}
	}

	public function setSession($oUser)
	{
		self::$oUser = $oUser;
		$aUser = $oUser->getAsArray();
		$_SESSION['user'] = serialize($aUser);
	}
	public function getSession()
	{
		$oUser = System_Essences::getEssence('Users');
		if (isset($_SESSION['user'])) {
			$aUser = unserialize($_SESSION['user']);
			$oUser->setFromArray($aUser);
		}
		return $oUser;
	}



	public function __call($name, $args) {
		return call_user_func(array(self::$oUser, $name), (isset($args[0]) ? $args[0] : null));
	}



	public function killSession()
	{
		setcookie('userKey', 'DIE', 0, '/', System_Router::getPathCookie());
		session_unset();
		session_destroy();
		self::$oUser = System_Essences::getEssence('Users');
		self::$oUser->setRights(array('guest' => true));
		header('Location: '.System_Router::getPathWeb());
		echo'<html><body><script language="javascript">window.location = "'.System_Router::getPathWeb().'";</script></body></html>';
	}

	public function __destruct() {
		self::setSession(self::$oUser);
	}
}

?>