<?php
/**
 * Session manager.
 *
 * @category   Session handler.
 * @package    Pandora FMS.
 * @subpackage OpenSource.
 * @version    1.0.0
 * @license    See below
 *
 *    ______                 ___                    _______ _______ ________
 * |   __ \.-----.--.--.--|  |.-----.----.-----. |    ___|   |   |     __|
 * |    __/|  _  |     |  _  ||  _  |   _|  _  | |    ___|       |__     |
 * |___|   |___._|__|__|_____||_____|__| |___._| |___|   |__|_|__|_______|
 *
 * ============================================================================
 * Copyright (c) 2005-2023 Pandora FMS
 * Please see https://pandorafms.com/community/ for full contribution list
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation for version 2.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * ============================================================================
 */

// Begin.


/**
 * Open session.
 *
 * @param string $save_path    Save path.
 * @param string $session_name Session name.
 *
 * @return boolean
 */
function pandora_session_open($save_path, $session_name)
{
    return true;
}


/**
 * Close session.
 *
 * @return boolean
 */
function pandora_session_close()
{
    return true;
}


/**
 * Read a session.
 *
 * @param string $session_id Session ID.
 *
 * @return string Session data.
 */
function pandora_session_read($session_id)
{
    $session_id = addslashes($session_id);

    // Do not use SQL cache here.
    $session_data = db_get_all_rows_sql(
        sprintf(
            'SELECT data
            FROM `tsessions_php` WHERE id_session="%s"',
            $session_id
        ),
        false,
        false
    );

    if (is_array($session_data) === true) {
        $session_data = $session_data[0]['data'];
    }

    if (empty($session_data) === false) {
        return $session_data;
    } else {
        return '';
    }
}


/**
 * Write session data.
 *
 * @param string $session_id Session id.
 * @param string $data       Data.
 *
 * @return boolean
 */
function pandora_session_write($session_id, $data)
{
    $session_id = addslashes($session_id);
    if (is_ajax()) {
        // Avoid session upadte while processing ajax responses - notifications.
        if (get_parameter('check_new_notifications', false)) {
            return true;
        }
    }

    $values = [];
    $values['last_active'] = time();

    if (empty($data) === false) {
        $values['data'] = addslashes($data);
    }

    // Do not use SQL cache here.
    $session_exists = db_get_all_rows_sql(
        sprintf(
            'SELECT id_session
             FROM `tsessions_php` WHERE id_session="%s"',
            $session_id
        ),
        false,
        false
    );

    if ($session_exists === false) {
        $values['id_session'] = $session_id;
        $retval_write = db_process_sql_insert('tsessions_php', $values);
    } else {
        $retval_write = db_process_sql_update(
            'tsessions_php',
            $values,
            ['id_session' => $session_id]
        );
    }

    return $retval_write !== false;
}


/**
 * Destroy a session.
 *
 * @param string $session_id Session Id.
 *
 * @return boolean
 */
function pandora_session_destroy($session_id)
{
    $session_id = addslashes($session_id);

    $retval = (bool) db_process_sql_delete(
        'tsessions_php',
        ['id_session' => $session_id]
    );

    return $retval;
}


/**
 * Session garbage collector.
 *
 * @param integer $max_lifetime Max lifetime.
 *
 * @return boolean.
 */
function pandora_session_gc($max_lifetime=300)
{
    global $config;

    if (isset($config['session_timeout'])) {
        $session_timeout = $config['session_timeout'];
    } else {
        // If $config doesn`t work ...
        $session_timeout = db_get_value(
            'value',
            'tconfig',
            'token',
            'session_timeout'
        );
    }

    if (empty($session_timeout) === false) {
        if ($session_timeout == -1) {
            // The session expires in 10 years.
            $session_timeout = 315576000;
        } else {
            $session_timeout *= 60;
        }

        $max_lifetime = $session_timeout;
    }

    $time_limit = (time() - $max_lifetime);

    $retval = (bool) db_process_sql_delete(
        'tsessions_php',
        [
            'last_active' => '<'.$time_limit,
        ]
    );

    // Deleting cron and empty sessions.
    $sql = 'DELETE FROM tsessions_php WHERE data IS NULL';
    db_process_sql($sql);

    return $retval;
}


/**
 * Enables custom session handlers.
 *
 * @return boolean Context changed or  not.
 */
function enable_session_handlers()
{
    global $config;

    if (isset($config['_using_pandora_sessionhandlers']) !== true
        || $config['_using_pandora_sessionhandlers'] !== true
    ) {
        if (session_status() !== PHP_SESSION_NONE) {
            // Close previous version.
            session_write_close();
        }

        $sesion_handler = session_set_save_handler(
            'pandora_session_open',
            'pandora_session_close',
            'pandora_session_read',
            'pandora_session_write',
            'pandora_session_destroy',
            'pandora_session_gc'
        );

        session_start();

        // Restore previous session.
        $config['_using_pandora_sessionhandlers'] = true;
        return $sesion_handler;
    }

    return false;
}


/**
 * Disables custom session handlers.
 *
 * @param string|null $id_session Force swap to target session.
 *
 * @return void
 */
function disable_session_handlers($id_session=null)
{
    global $config;

    if (session_status() !== PHP_SESSION_NONE) {
        // Close previous version.
        session_write_close();
    }

    $ss = new SessionHandler();
    session_set_save_handler($ss, true);

    if ($id_session !== null) {
        session_id($id_session);
    }

    session_start();

    $config['_using_pandora_sessionhandlers'] = false;
}


// Always enable session handler.
$result_handler = enable_session_handlers();