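package session;
use sql;
use strict;
use logging;

# Session handling for the "project" cookie: reads the session ID from the
# request, resolves it to a user name through the session table, creates new
# sessions and builds the Set-Cookie header.
#
# NOTE(review): the file-scoped variables below ($publishedID,
# $userNameCache, $superUser, $wroteUser) live as long as the interpreter.
# Under a persistent runtime they would carry one request's identity into the
# next; confirm this module only ever runs as a one-process-per-request CGI.

# Session ID set during this request by setCookie/clearCookie. When set it
# takes precedence over the ID carried in the request cookie.
my $publishedID;

# Return the current session ID: the published one if any, otherwise the value
# of the "project" cookie, otherwise "".
sub ID {
    return $publishedID if $publishedID;

    # HTTP_COOKIE is absent when the client sent no cookies at all.
    my $cookies = defined $ENV{'HTTP_COOKIE'} ? $ENV{'HTTP_COOKIE'} : "";

    foreach my $pair (split(/;/, $cookies)) {
        my ($key, $val) = split(/=/, $pair);
        next unless defined $key;
        $key =~ s/\s//g;

        # The value is client-controlled and returned unvalidated; every
        # consumer must treat it as untrusted (the SQL lookup below passes it
        # through sql::str).
        if ($key eq 'project') {
            return defined $val ? $val : "";
        }
    }
    return "";
}

# User name resolved for the current session, cached after the first lookup.
my $userNameCache;

# Return the user name bound to the current session ID, or "" when there is
# no usable ID.
sub userName {
    return $userNameCache if $userNameCache;

    my $id = ID();

    # IDs of length <= 1 are never looked up: "" means no cookie and "1" is
    # the marker written by clearCookie.
    return "" if length($id) <= 1;

    $userNameCache = userNameFromSessionID($id);
    return $userNameCache;
}

# Set to 1 once any looked-up session belongs to a row in super_user.
# NOTE(review): the flag is never reset to 0, so it reflects "some session
# looked up so far was a superuser", not necessarily the latest one.
my $superUser = 0;

# Ensures logging::user is called at most once.
my $wroteUser;

# Look up the user that owns $sessionID.
#   $sessionID - session key, possibly taken straight from the cookie.
# Returns the _user column of the matching session row, or "" if none matches.
# Side effects: logs the (session ID, user) pair once and may set $superUser.
#
# NOTE(review): the lookup does not filter on the session's timeout column;
# presumably expiry is enforced elsewhere -- confirm.
sub userNameFromSessionID {
    my $sessionID = shift;

    my $it = sql::select(qq(
        select _user from session where mainkey=@{[sql::str($sessionID)]}
    ));
    my $res = "";
    if (my $r = $it->next) {
        $res = $r->{_user};
    }

    if (!$wroteUser) {
        # $sessionID may be attacker-chosen cookie text; logging::user is
        # assumed to neutralise control characters -- confirm.
        logging::user($sessionID, $res);
        $wroteUser = 1;
    }

    # Only a session that resolved to a user can grant superuser rights; an
    # unknown session never reaches the super_user lookup.
    if (defined $res && $res ne "") {
        $it = sql::select(qq(
            select * from super_user where id=@{[sql::str($res)]}
        ));
        if (my $r = $it->next) {
            $superUser = 1;
        }
    }
    return $res;
}

# True once a superuser session has been looked up (see $superUser).
sub isSuperUser {
    return $superUser;
}

# Always true; the restriction to superusers ($superUser) is disabled.
sub isNewTmplOk {
    return 1;
}

use date;

# Create a session row for $userName and return the new session ID.
#   $userName - account the session is bound to.
#   $time     - lifetime in seconds; defaults to 10 days when false.
# Any existing sessions of the same user are deleted first.
#
# Caution (from the original author): do not issue the cookie here. Doing so
# would reveal the session ID after provisional registration alone and let a
# user complete registration without the confirmation e-mail.
sub create {
    my $userName = shift;
    my $time     = shift;
    $time = 10 * 86400 if !$time;

    # NOTE(review): rand() is not a cryptographic generator and the range is
    # small for a bearer credential. Draw the ID from a CSPRNG once the type
    # of the mainkey column and the digits-only check in getCookieHeader are
    # confirmed to accept the new format.
    my $sessionID;
    my $it;
    do {
        $sessionID = rand(100000) + 1;
        $it = sql::select(qq(
            select * from session where mainkey='$sessionID'
        ));
    } while ($it->next);

    my $timeout = 'date'->new(time + $time)->format("yyyy-MM-dd hh:mm:ss JST");

    sql::exe(qq(
        delete from session where _user =@{[sql::str($userName)]}
    ));

    # $userName is caller-supplied, so it goes through sql::str exactly as in
    # the delete above instead of being interpolated between quotes.
    # (sql::str is used unquoted throughout this file, so it is presumed to
    # return a quoted, escaped literal -- confirm.)
    # $sessionID and $timeout are generated locally just above.
    sql::exe(qq(
        insert into session (mainkey,_user,timeout)
        values ('$sessionID',@{[sql::str($userName)]},'$timeout')
    ));

    return $sessionID;
}

# Publish $sessionID for this request if it resolves to a user. An invalid ID
# is silently ignored (the original error exit is disabled).
sub setCookie {
    my $sessionID = shift;
    if (userNameFromSessionID($sessionID)) {
        $publishedID = $sessionID;
    }
    return;
}

# Publish the placeholder ID "1", which userName treats as "not logged in".
sub clearCookie {
    $publishedID = "1";
    return;
}

# Return the "Set-Cookie: project=..." header line (newline-terminated) for
# the published session ID, or "" when nothing valid has been published.
# The cookie expires 60 days from now.
#
# NOTE(review): no Path, HttpOnly or Secure attribute is set. Consider adding
# HttpOnly, and Secure if the site is served over HTTPS only, after checking
# that no client-side script reads this cookie.
sub getCookieHeader {
    my ($sec, $min, $hour, $mday, $mon, $year, $wday)
        = gmtime(time + 60 * 24 * 60 * 60);
    my @month = ('Jan','Feb','Mar','Apr','May','Jun',
                 'Jul','Aug','Sep','Oct','Nov','Dec');
    my @week  = ('Sun','Mon','Tue','Wed','Thu','Fri','Sat');

    # The date must stay on a single line: a line break inside the value
    # would end the header early.
    my $gmt = sprintf("%s, %02d-%s-%04d %02d:%02d:%02d GMT",
        $week[$wday], $mday, $month[$mon], $year + 1900, $hour, $min, $sec);

    # \A and \z rather than ^ and $: "$" also matches before a trailing
    # newline, which would let a line break through into the header.
    if ($publishedID and $publishedID =~ /\A[0-9\.\-]+\z/) {
        return "Set-Cookie: project=$publishedID; expires=$gmt\n";
    }
    return "";
}

# Render the failure page and end the request unless a user is logged in.
sub failUnlessLoggedIn {
    if (!userName()) {
        tmpl::default("失敗","failed","ログインしていません");
        exit;
    }
    return;
}

# Resolve the user once at load time so the cache, the log entry and the
# superuser flag are populated for this request.
userName();

1;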