Blame - hs20/server/www/cert-enroll.php - android_external_wpa_supplicant_8

blob: f023ca5a5b033b0da8014c636524a7da1b5d4363 [file] [log] [blame]

Dmitry Shmidt	df5a7e4	2014-04-02 12:59:59 -0700	[diff] [blame^]	1	<?php
				2
				3	require('config.php');
				4
				5	$db = new PDO($osu_db);
				6	if (!$db) {
				7	die($sqliteerror);
				8	}
				9
				10	if (isset($_GET["id"]))
				11	$id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["id"]);
				12	else
				13	die("Missing session id");
				14	if (strlen($id) < 32)
				15	die("Invalid session id");
				16
				17	$row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch();
				18	if ($row == false) {
				19	die("Session not found");
				20	}
				21
				22	$uri = $row['redirect_uri'];
				23	$rowid = $row['rowid'];
				24	$realm = $row['realm'];
				25
				26	$user = sha1(mt_rand());
				27
				28	if (!$db->exec("UPDATE sessions SET user='$user', type='cert' WHERE rowid=$rowid")) {
				29	die("Failed to update session database");
				30	}
				31
				32	$db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " .
				33	"VALUES ('', '$realm', '$id', " .
				34	"strftime('%Y-%m-%d %H:%M:%f','now'), " .
				35	"'completed user input response for client certificate enrollment')");
				36
				37	header("Location: $uri", true, 302);
				38
				39	?>