From 824ee0cd1f1b7ef04eb1e98708bd1d47696da11c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Tue, 2 May 2023 12:21:05 +0200
Subject: [PATCH] check session validity by DatabaseSessionHandler

---
 src/Session/DatabaseSessionHandler.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/Session/DatabaseSessionHandler.php b/src/Session/DatabaseSessionHandler.php
index 45f0e45..764f76b 100644
--- a/src/Session/DatabaseSessionHandler.php
+++ b/src/Session/DatabaseSessionHandler.php
@@ -13,14 +13,17 @@ class DatabaseSessionHandler implements ISessionHandler
 
     private string $table;
 
+    private DateTime $shouldBeNewerThan;
+
     private bool $exists = false;
 
     private bool $written = false;
 
-    public function __construct(IConnection $dbConnection, string $table)
+    public function __construct(IConnection $dbConnection, string $table, DateTime $shouldBeNewerThan)
     {
         $this->dbConnection = $dbConnection;
         $this->table = $table;
+        $this->shouldBeNewerThan = $shouldBeNewerThan;
     }
 
     public function open($savePath, $sessionName): bool
@@ -36,14 +39,17 @@ class DatabaseSessionHandler implements ISessionHandler
     public function read($id): string
     {
         $select = new Select($this->dbConnection, $this->table);
-        $select->columns(['data']);
+        $select->columns(['data', 'updated']);
         $select->whereId(substr($id, 0, 32));
 
         $result = $select->execute()->fetch(IResultSet::FETCH_ASSOC);
-
         if ($result === null) {
             return '';
         }
+        if (new DateTime($result['updated']) < $this->shouldBeNewerThan) {
+            $this->destroy($id);
+            return '';
+        }
 
         $this->exists = true;