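<?php
// Completes the "user input" step of a client certificate enrollment session.
//
// Input:  GET parameter "id", the session identifier (hex characters only,
//         at least 32 of them after filtering).
// Effect: stores a freshly generated user name on the matching sessions row,
//         marks the row as type 'cert', appends an eventlog entry and sends a
//         302 redirect to the redirect_uri stored with the session.

require('config.php');

// PDO's constructor throws on failure rather than returning false, so the
// connection is guarded with try/catch. The exception text goes to the server
// log only, because it can contain the DSN.
try {
    $db = new PDO($osu_db);
    // Make every later database failure surface as an exception, whatever the
    // PHP version's default error mode is.
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    error_log("cert enrollment: cannot open database: " . $e->getMessage());
    die("Failed to open database");
}

if (!isset($_GET["id"]))
    die("Missing session id");
// An array-style parameter (?id[]=...) cannot be a session identifier.
if (!is_string($_GET["id"]))
    die("Invalid session id");

// Keep only hex digits, then require the minimum identifier length.
$id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["id"]);
if (!is_string($id) || strlen($id) < 32)
    die("Invalid session id");

// All values reach SQL through bound parameters, including the ones read back
// from the database ($realm, $rowid), so no statement is built from strings.
try {
    $lookup = $db->prepare("SELECT rowid,* FROM sessions WHERE id=?");
    $lookup->execute([$id]);
    $row = $lookup->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    error_log("cert enrollment: session lookup failed: " . $e->getMessage());
    $row = false;
}
if ($row === false) {
    die("Session not found");
}

$uri = $row['redirect_uri'];
$rowid = (int) $row['rowid'];
$realm = $row['realm'];

// The user name identifies the enrollee, so it must not be guessable:
// mt_rand() is not a cryptographic generator. random_bytes() (PHP 7+) yields
// the same 40-hex-character shape that sha1() produced.
$user = bin2hex(random_bytes(20));

try {
    $update = $db->prepare("UPDATE sessions SET user=?, type='cert' WHERE rowid=?");
    $update->bindValue(1, $user, PDO::PARAM_STR);
    $update->bindValue(2, $rowid, PDO::PARAM_INT);
    $update->execute();
    // As before, an update that touches no row counts as a failure.
    $updated = $update->rowCount() > 0;
} catch (PDOException $e) {
    error_log("cert enrollment: session update failed: " . $e->getMessage());
    $updated = false;
}
if (!$updated) {
    die("Failed to update session database");
}

// The event log entry stays best-effort: a failure here is logged but does
// not abort the enrollment flow.
try {
    $log = $db->prepare("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " .
                        "VALUES ('', ?, ?, " .
                        "strftime('%Y-%m-%d %H:%M:%f','now'), " .
                        "'completed user input response for client certificate enrollment')");
    $log->execute([$realm, $id]);
} catch (PDOException $e) {
    error_log("cert enrollment: eventlog insert failed: " . $e->getMessage());
}

// NOTE(review): $uri is the redirect_uri stored on the session row and is
// emitted unchanged. Whether it is validated when the row is created is not
// visible from this file; confirm at the point where sessions are written.
header("Location: $uri", true, 302);
exit;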