source: wpa_supplicant/vendor/current/hs20/server/www/add-mo.php@ 793

Last change on this file since 793 was 793, checked in by andi.b@gmx.net, 11 years ago

wpa_supplicant: initial import of wpa_supplicant2.2
  • Property svn:eol-style set to native
File size: 1.5 KB
Line 
1<?php
2
3require('config.php');
4
5$db = new PDO($osu_db);
6if (!$db) {
7 die($sqliteerror);
8}
9
10if (isset($_POST["id"]))
11 $id = preg_replace("/[^a-fA-F0-9]/", "", $_POST["id"]);
12else
13 die("Missing session id");
14
15$user = $_POST["user"];
16$pw = $_POST["password"];
17if (strlen($id) < 32 || !isset($user) || !isset($pw)) {
18 die("Invalid POST data");
19}
20
21if (strlen($user) < 1 || strncasecmp($user, "cert-", 5) == 0) {
22 echo "<html><body><p><red>Invalid username</red></p>\n";
23 echo "<a href=\"signup.php?session_id=$id\">Try again</a>\n";
24 echo "</body></html>\n";
25 exit;
26}
27
28$row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch();
29if ($row == false) {
30 die("Session not found");
31}
32$realm = $row['realm'];
33
34$userrow = $db->query("SELECT identity FROM users WHERE identity='$user' AND realm='$realm'")->fetch();
35if ($userrow) {
36 echo "<html><body><p><red>Selected username is not available</red></p>\n";
37 echo "<a href=\"signup.php?session_id=$id\">Try again</a>\n";
38 echo "</body></html>\n";
39 exit;
40}
41
42$uri = $row['redirect_uri'];
43$rowid = $row['rowid'];
44
45if (!$db->exec("UPDATE sessions SET user='$user', password='$pw', realm='$realm', type='password' WHERE rowid=$rowid")) {
46 die("Failed to update session database");
47}
48
49$db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " .
50 "VALUES ('$user', '$realm', '$id', " .
51 "strftime('%Y-%m-%d %H:%M:%f','now'), " .
52 "'completed user input response for a new PPS MO')");
53
54header("Location: $uri", true, 302);
55
56?>
Note: See TracBrowser for help on using the repository browser.