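/**
 * Check the device ID sent in the `call_devid` cookie.
 *
 * Can be used at the beginning of each page. The function either returns
 * true or terminates the request:
 *  - no cookie: redirects to setup.php and stops;
 *  - cookie present but rejected by validatedeviceid(): calls deletecookie()
 *    and stops with an error message.
 *
 * Because a redirect header may be sent, call this before any output.
 *
 * @return bool Always true when it returns at all.
 */
function checkdevice()
{
    if (!isset($_COOKIE['call_devid'])) {
        header("Location: setup.php");
        die('Redirecting...');
    }

    // Cookie contents are fully controlled by the client; treat as untrusted.
    $deviceId = $_COOKIE['call_devid'];

    // A cookie sent as call_devid[]=... arrives as an array. Reject it here
    // instead of handing a non-string to the lookup or to the error output.
    if (!is_string($deviceId) || !validatedeviceid($deviceId)) {
        deletecookie();

        // The rejected value is echoed into an HTML response, so it must be
        // escaped; otherwise markup placed in the cookie would be rendered.
        $shownId = is_string($deviceId)
            ? htmlspecialchars($deviceId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            : '';

        die("Error: device ID doesn't exist in database!<br>Sent ID: {$shownId}");
    }

    return true;
}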
<?php require "functions.php"; if (isset($_COOKIE['call_devid']) && validatedeviceid($_COOKIE['call_devid'])) { header("Location: removedevice.php"); die("Redirecting..."); } if (isset($_POST['devicename']) && $_POST['devicename'] == "") { die('You need to enter a device name.'); } // Creating database connection here, because it's needed anyway. $db = new PDO($dbpdodsn, $dbuser, $dbpassword, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION)); // Request existing users. $st_requestusers = $db->prepare('SELECT * FROM users'); $st_requestusers->execute(); if ($st_requestusers->rowCount() > 0) { $currentusers = $st_requestusers->fetchAll(); } else { $currentusers = 0; } // Code responsible for adding a new user. if (isset($_POST['username']) && !empty($_POST['username'])) { // Make sure that html injection is kinda prevented. $username = htmlentities($_POST['username']); $userid = uniqid('u_'); // Prepare statement. $st_useradd = $db->prepare('INSERT INTO users (userid, username) VALUES (:uid, :una)'); // Bind parameters. $st_useradd->bindParam(':uid', $userid); $st_useradd->bindParam(':una', $username); // Execute statement.