<?php

class Auth {

	public function getMemberSession($db, $member_id, $sessionid) {
		$db_sessionid = pg_escape_string($sessionid);
		$q = "SELECT * FROM members_session WHERE member_id=".((int)$member_id)." AND session='${db_sessionid}' ORDER BY updated DESC";
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function getMemberSessionBySessionID($db, $sessionid) {
		$db_sessionid = pg_escape_string($sessionid);
		$q = "SELECT * FROM members_session WHERE session='${db_sessionid}' ORDER BY updated DESC";
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function getMemberDevice($db, $data) {
		unset($data["sessionid"]);
		$model = Push::getModelByName($db, $data["model"]);
		$data["model_id"] = ($model && isset($model["id"])) ? $model["id"] : 0;
		unset($data["model"]);
		$platform = Push::getPlatformByName($db, $data["platform"]);
		$data["platform_id"] = ($platform && isset($platform["id"])) ? $platform["id"] : 0;
		unset($data["platform"]);
		$manufacturer = Push::getManufacturerByName($db, $data["manufacturer"]);
		$data["manufacturer"] = ($manufacturer && isset($manufacturer["id"])) ? $manufacturer["id"] : 0;
		unset($data["manufacturer"]);
		$q = "SELECT * FROM members_devices WHERE id>0";
		foreach ($data as $key=>$val) {
			if ($key=='is_virtual') {
				$q.= " AND ${key}='".((!$val || $val=='')?'f':'t')."'";
			} else {
				$q.= " AND ${key}='".pg_escape_string($val)."'";
			}
		}
		error_log($q);
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function saveTokens($db, $id, $refresh_token, $access_token) {
		$db_refresh_token = pg_escape_string(substr($refresh_token,0,36));
		$db_access_token = pg_escape_string(substr($access_token,0,36));
		$q = "UPDATE members_devices SET refresh_token='${db_refresh_token}', access_token='${db_access_token}', updated=now(), status=1 WHERE id=".((int)$id)." RETURNING *";
		error_log($q);
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function getMemberById($db, $member_id) {
		$q = "SELECT * FROM members WHERE id=".((int)$member_id);
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function verifyAccessToken($db, $member_id, $acces_token) {
		$db_acces_token = pg_escape_string(substr($acces_token,0,36));
		$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND access_token='${db_access_token}' ORDER BY id DESC";
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}

	public function verifyRefreshToken($db, $member_id, $refresh_token) {
		$db_acces_token = pg_escape_string(substr($refresh_token,0,36));
		$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND refresh_token='${db_refresh_token}' ORDER BY id DESC";
		$r = pg_query($db, $q);
		if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
			return $f;
		}
		return NULL;
	}
}

// vi:ts=2