function checkdevice()
{
// Function for checking the device ID sent in cookie. Can be used at the beginning of each page.
if (isset($_COOKIE['call_devid'])) {
if (validatedeviceid($_COOKIE['call_devid']) == false) {
deletecookie();
die("Error: device ID doesn\\'t exist in database!<br>Sent ID: {$_COOKIE['call_devid']}");
}
return true;
} else {
header("Location: setup.php");
die('Redirecting...');
}
exit;
}
<?php
require "functions.php";
if (isset($_COOKIE['call_devid']) && validatedeviceid($_COOKIE['call_devid'])) {
header("Location: removedevice.php");
die("Redirecting...");
}
if (isset($_POST['devicename']) && $_POST['devicename'] == "") {
die('You need to enter a device name.');
}
// Creating database connection here, because it's needed anyway.
$db = new PDO($dbpdodsn, $dbuser, $dbpassword, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
// Request existing users.
$st_requestusers = $db->prepare('SELECT * FROM users');
$st_requestusers->execute();
if ($st_requestusers->rowCount() > 0) {
$currentusers = $st_requestusers->fetchAll();
} else {
$currentusers = 0;
}
// Code responsible for adding a new user.
if (isset($_POST['username']) && !empty($_POST['username'])) {
// Make sure that html injection is kinda prevented.
$username = htmlentities($_POST['username']);
$userid = uniqid('u_');
// Prepare statement.
$st_useradd = $db->prepare('INSERT INTO users (userid, username) VALUES (:uid, :una)');
// Bind parameters.
$st_useradd->bindParam(':uid', $userid);
$st_useradd->bindParam(':una', $username);
// Execute statement.
