1df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt<?php 2df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 3df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtrequire('config.php'); 4df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 5df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$db = new PDO($osu_db); 6df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (!$db) { 7df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die($sqliteerror); 8df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt} 9df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 10df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif (isset($_GET["id"])) 11df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt $id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["id"]); 12df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtelse 13df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt $id = 0; 14df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 15df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch(); 16df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtif ($row == false) { 17df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt die("Session not found"); 18df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt} 19df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 20df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$uri = $row['redirect_uri']; 21df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 22df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidtheader("Location: $uri", true, 302); 23df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 24df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$user = $row['user']; 25df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$realm = $row['realm']; 26df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 27df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt$db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " . 28df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "VALUES ('$user', '$realm', '$id', " . 29df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "strftime('%Y-%m-%d %H:%M:%f','now'), " . 30df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt "'redirected after user input')"); 31df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt 32df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt?> 33