1<?php 2 3require('config.php'); 4 5$db = new PDO($osu_db); 6if (!$db) { 7 die($sqliteerror); 8} 9 10if (isset($_GET["id"])) 11 $id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["id"]); 12else 13 die("Missing session id"); 14if (strlen($id) < 32) 15 die("Invalid session id"); 16 17$row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch(); 18if ($row == false) { 19 die("Session not found"); 20} 21 22$uri = $row['redirect_uri']; 23$rowid = $row['rowid']; 24$realm = $row['realm']; 25 26$user = sha1(mt_rand()); 27 28if (!$db->exec("UPDATE sessions SET user='$user', type='cert' WHERE rowid=$rowid")) { 29 die("Failed to update session database"); 30} 31 32$db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " . 33 "VALUES ('', '$realm', '$id', " . 34 "strftime('%Y-%m-%d %H:%M:%f','now'), " . 35 "'completed user input response for client certificate enrollment')"); 36 37header("Location: $uri", true, 302); 38 39?> 40