1<html> 2<head> 3<title>Hotspot 2.0 subscription remediation</title> 4</head> 5<body> 6 7<?php 8 9require('config.php'); 10 11$db = new PDO($osu_db); 12if (!$db) { 13 die($sqliteerror); 14} 15 16if (isset($_GET["session_id"])) 17 $id = preg_replace("/[^a-fA-F0-9]/", "", $_GET["session_id"]); 18else 19 $id = 0; 20echo "SessionID: " . $id . "<br>\n"; 21 22$row = $db->query("SELECT * FROM sessions WHERE id='$id'")->fetch(); 23if ($row == false) { 24 die("Session not found"); 25} 26 27$username = $row['user']; 28echo "User: " . $username . "@" . $row['realm'] . "<br>\n"; 29 30$user = $db->query("SELECT machine_managed,methods FROM users WHERE identity='$username'")->fetch(); 31if ($user == false) { 32 die("User not found"); 33} 34 35echo "<hr><br>\n"; 36 37$cert = $user['methods'] == "TLS" || strncmp($username, "cert-", 5) == 0; 38 39if ($cert) { 40 echo "<a href=\"redirect.php?id=" . $_GET["session_id"] . "\">Complete user subscription remediation</a><br>\n"; 41} else if ($user['machine_managed'] == "1") { 42 echo "<a href=\"redirect.php?id=" . $_GET["session_id"] . "\">Complete user subscription remediation</a><br>\n"; 43 echo "This will provide a new machine-generated password.<br>\n"; 44} else { 45 echo "<form action=\"remediation-pw.php\" method=\"POST\">\n"; 46 echo "<input type=\"hidden\" name=\"id\" value=\"$id\">\n"; 47 echo "New password: <input type=\"password\" name=\"password\"><br>\n"; 48 echo "<input type=\"submit\" value=\"Change password\">\n"; 49 echo "</form>\n"; 50} 51 52?> 53 54</body> 55</html> 56