$needed = array("token", "name", "semester", "instructor", "netid"); if (!checkParams($needed, $_POST)) { $message = urlencode("A parameter is missing from the form submitted."); header("Location: error.php?error={$message}"); exit; } if (!Session::verifyToken($_POST['token'])) { $message = urlencode("The token provided does not match."); header("Location: error.php?error={$message}"); exit; } $id = Database::getUserId($_POST['netid']); if ($id === -1) { $id = Database::createUser($_POST['netid']); } $course = Database::createCourse($_POST['name'], $_POST['semester'], $_POST['instructor']); Database::createAccount($id, $course, Instructor::getName()); header("Location: in_class.php?id={$course}"); exit; } else { if (isset($_GET['uploader'])) { //an uploader is being added to a course $needed = array("token", "course", "user"); if (!checkParams($needed, $_POST)) { $message = urlencode("A parameter is missing from the form submitted."); header("Location: error.php?error={$message}"); exit; } if (!Session::verifyToken($_POST['token'])) { $message = urlencode("The token provided does not match."); header("Location: error.php?error={$message}");