1df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt<?php 2df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 3df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtrequire('config.php'); 4df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 5df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$db = new PDO($osu_db); 6df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (!$db) { 7df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die($sqliteerror); 8df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt} 9df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 10df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (isset($_GET["id"])) 11df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt $id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["id"]); 12df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtelse 13df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die("Missing session id"); 14df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (strlen($id) < 32) 15df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die("Invalid session id"); 16df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 17df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch(); 18df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif ($row == false) { 19df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die("Session not found"); 20df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt} 21df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 22df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$uri = $row['redirect_uri']; 23df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$rowid = $row['rowid']; 24df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$realm = $row['realm']; 25df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 26df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$user = sha1(mt_rand()); 27df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 28df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (!$db->exec("UPDATE sessions SET user='$user', type='cert' WHERE rowid=$rowid")) { 29df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die("Failed to update session database"); 30df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt} 31df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 32df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " . 33df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "VALUES ('', '$realm', '$id', " . 34df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "strftime('%Y-%m-%d %H:%M:%f','now'), " . 35df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "'completed user input response for client certificate enrollment')"); 36df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 37df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtheader("Location: $uri", true, 302); 38df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 39df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt?> 40