1 <?php 2 3 require('config.php'); 4 5 $db = new PDO($osu_db); 6 if (!$db) { 7 die($sqliteerror); 8 } 9 10 if (isset($_POST["id"])) 11 $id = preg_replace("/[^a-fA-F0-9]/", "", $_POST["id"]); 12 else 13 die("Missing session id"); 14 if (strlen($id) < 32) 15 die("Invalid session id"); 16 17 $row = $db->query("SELECT rowid,* FROM sessions WHERE id='$id'")->fetch(); 18 if ($row == false) { 19 die("Session not found"); 20 } 21 22 $uri = $row['redirect_uri']; 23 $rowid = $row['rowid']; 24 $realm = $row['realm']; 25 26 $row = $db->query("SELECT value FROM osu_config WHERE realm='$realm' AND field='free_account'")->fetch(); 27 if (!$row || strlen($row['value']) == 0) { 28 die("Free account disabled"); 29 } 30 31 $user = $row['value']; 32 33 $row = $db->query("SELECT password FROM users WHERE identity='$user' AND realm='$realm'")->fetch(); 34 if (!$row) 35 die("Free account not found"); 36 37 $pw = $row['password']; 38 39 if (!$db->exec("UPDATE sessions SET user='$user', password='$pw', realm='$realm', machine_managed='1' WHERE rowid=$rowid")) { 40 die("Failed to update session database"); 41 } 42 43 $db->exec("INSERT INTO eventlog(user,realm,sessionid,timestamp,notes) " . 44 "VALUES ('$user', '$realm', '$id', " . 45 "strftime('%Y-%m-%d %H:%M:%f','now'), " . 46 "'completed user input response for a new PPS MO')"); 47 48 header("Location: $uri", true, 302); 49 50 ?> 51
