<?php 

class u1{
	public $username = null;
	public $password = null;
	public $email = null;
	
	public function __construct( $data=array() ) {
		if ( isset( $data["username"])) $this->username = $data["username"];
		if ( isset( $data["password"])) $this->password = $data["password"];
		if ( isset( $data["email"])) $this->email = $data["email"];
	}

	public static function getById( $username ) {
	    $mysqli = ConnectionFactory::getFactory()->getConnection();
	    $sql = $mysqli->prepare("SELECT * FROM u1 WHERE username = ? LIMIT 1");
	    $sql->bind_param("s", $username);
	    $sql->execute();
	    $row = array(); db_bind_array($sql, $row); $sql->fetch();
	    $sql->close();
	    if ( $row["username"] != "" ) return new u1( $row );
	}
	
	public static function getByEmail($email) {
		$mysqli = ConnectionFactory::getFactory()->getConnection();
		$sql = $mysqli->prepare("SELECT * FROM u1 WHERE email = ? LIMIT 1");
		$sql->bind_param("s", $email);
		$sql->execute();
		$row = array(); db_bind_array($sql, $row); $sql->fetch();
		$sql->close();
		if ( $row["username"] != "" ) return new u1( $row );
	}
	
	public static function login( $username , $password ) {
	    $mysqli = ConnectionFactory::getFactory()->getConnection();
	    $sql = $mysqli->prepare("SELECT * FROM u1 WHERE username = ? and password = ?");
	    $sql->bind_param("ss", $username,$password);
	    $sql->execute();
	    $row = array(); db_bind_array($sql, $row); $sql->fetch();
	    $sql->close();
	    if ( $row["username"] != "" ) return new u1( $row );
	}
	
	public function changePass($password) {
		$mysqli = ConnectionFactory::getFactory()->getConnection();
		$sql = $mysqli->prepare("UPDATE u1 SET password = ? WHERE username = ?");
		$password = sha1($password);
		$sql->bind_param("ss", $password, $this->username);
	    $sql->execute();
	    $sql->close();
	}

	public static function getList() {
		$mysqli = ConnectionFactory::getFactory()->getConnection();
	    $sql = $mysqli->prepare("SELECT * FROM u1");
	    $sql->execute();
	    $row = $list = array(); 
		db_bind_array($sql, $row);
		while ($sql->fetch()) $list[] = new u1( $row );
	    $sql->close();
	    $totalRows = count($list);
	    return ( array ( "results" => $list, "totalRows" => $totalRows ) );
	}

	public function delete() {
	    $mysqli = ConnectionFactory::getFactory()->getConnection();
		$sql = $mysqli->prepare("DELETE FROM u1 WHERE username = ? LIMIT 1");
		$sql->bind_param("s", $this->username);
	    $sql->execute();
	    $sql->close();
	}
	
	public function insert() {
		$error = false;
		if ($this->username == '') $error[] = 'ADMIN_ERROR_1';
		if ($this->password == '') $error[] = 'ADMIN_ERROR_2';
		if (!validateEmail($this->email)) $error[] = 'ADMIN_ERROR_3';
		if (u1::getById($this->username)) $error[] = 'ADMIN_ERROR_4';
		if (!$error){
		    $mysqli = ConnectionFactory::getFactory()->getConnection();
			$sql = $mysqli->prepare("INSERT INTO u1 (username, password, email) VALUES ( ?, ?, ? )");
			$pass = sha1($this->password);
			$sql->bind_param("sss", $this->username, $pass, $this->email);
		    $sql->execute();
		    $sql->close();
		}
		return $error;
	}

	public function update() {
		$error = false;
		if (!validateEmail($this->email)) $error[] = 'ADMIN_ERROR_3';
		if (!$error){
			if ( is_null( $this->username ) ) trigger_error ( "Update error", E_USER_ERROR );
			$mysqli = ConnectionFactory::getFactory()->getConnection();
			$sql = $mysqli->prepare("UPDATE u1 SET email = ? WHERE username = ?");
			$sql->bind_param("ss", $this->email, $this->username);
		    $sql->execute();
		    $sql->close();
		}
		return $error;
	}
	
	/* ADMIN SESSIONS */
	
	public static function deleteUserSession ($userId,$mysqli){
		$sql = $mysqli->prepare("delete from admin_session where user_id = ?");
		$sql->bind_param("s", $userId);
	    $sql->execute();
	    $sql->close();
	}
	
	public static function deleteSession ($sessionId,$mysqli){
		$sql = $mysqli->prepare("delete from admin_session where session_id = ?");
		$sql->bind_param("s", $sessionId);
	    $sql->execute();
	    $sql->close();
	}
	
	public static function createAdminSession($sessionId,$userId,$mysqli){
		$sql = $mysqli->prepare("INSERT INTO admin_session (session_id, user_id) VALUES ( ?, ? )");
		$sql->bind_param("ss", $sessionId,$userId);
	    $sql->execute();
	    $sql->close();
	}
	
	public static function getSession(){
		$mysqli = ConnectionFactory::getFactory()->getConnection();
	    $sql = $mysqli->prepare("select * from admin_session where session_id = ? and upper(user_id) = ? LIMIT 1");
	    $sessionId = session_id();
	    $userId = $_SESSION['userId'];
	    $sql->bind_param("ss", $sessionId, $userId);
	    $sql->execute();
	    $row = array(); db_bind_array($sql, $row); $sql->fetch();
	    $sql->close();
	    if ( $row["session_id"] != "" ) return new u1( $row );
	}
	
	public function generateSession(){
		$userId = $this->username;
		$sessionId = session_id();
		$_SESSION['username'] = $userId;
		$_SESSION['userId'] = $userId;
		$mysqli = mysqli_connect(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);
		U1::deleteSession($sessionId, $mysqli);
		U1::deleteUserSession($userId, $mysqli);
		U1::createAdminSession($sessionId, $userId, $mysqli);
	}
}
?>