* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
include_once '../../includes/includes.php';
sec_session_start();
if (!isset($_SESSION['username'])) {
header("Location: ../../logout.php");
exit;
}
//Check parameters
$message = dbCheckNewDevName($_POST['devName']);
if ($message != "true") {
header('Location: ../newDevice.php?newDev_checkDevNameErrorMsg=' . $message . '&devName=' . $_POST['devName'] . '&devType=' . $_POST['devType'] . '&devNumOfFields=' . $_POST['devNumOfFields'] . '&devPrivacy=' . $_POST['devPrivacy'] . '&devStatus=' . $_POST['devStatus']);
exit;
}
$message = newDev_checkDevPwd($_POST['devPwd'], $_POST['devConfirmPwd']);
if ($message != "true") {
header('Location: ../newDevice.php?newDev_checkPwdError=' . $message . '&devName=' . $_POST['devName'] . '&devType=' . $_POST['devType'] . '&devNumOfFields=' . $_POST['devNumOfFields'] . '&devPrivacy=' . $_POST['devPrivacy'] . '&devStatus=' . $_POST['devStatus']);
exit;
}
//Parameters ok. Insert in database
$devPrivacy = "Public";
if ($_POST['devPrivacy'] == 'Private') {
$devPrivacy = $_SESSION['username'];
}
$message = dbInsertNewDev($_POST['devName'], $_POST['devPwd'], $_POST['devType'], $_POST['devStatus'], $devPrivacy, $_POST['devNumOfFields']);
function dbChangeDevName($devName, $devPwd, $newDevName)
{
$conn = dbConnect();
//check if new device name aready exists
$result = dbCheckNewDevName($devName);
if ($result != "true") {
$conn->close();
return $result;
}
//check devName & devPwd
$query = "SELECT * FROM devices WHERE devName = '" . $devName . "' AND devPwd = '" . $devPwd . "'";
$result = mysqli_query($conn, $query) or die("impossible to do query2 - change deviceName: " . $query);
if (mysqli_num_rows($result) > 1) {
$conn->close();
return "This device is duplicated, admin should fix this problem";
} else {
if (mysqli_num_rows($result) < 1) {
$conn->close();
return "This device does not exist or password is not correct";
}
}
$devInfo = mysqli_fetch_assoc($result);
//change device name
$query = "UPDATE devices SET devName = '" . $newDevName . "' WHERE devId = " . $devInfo['devId'];
$result = mysqli_query($conn, $query) or die("impossible to do query3 - change deviceName: " . $query);
$conn->close();
return true;
}
