Thread: Help In Project

    #1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    4
    Rep Power
    0

    Help In Project


    I am making a project in PHP on MCQ test. But problem is that i m getting submit button at the end of every question due to while loop. I tried every aspect. If i am putting button out of table then values r not going in database. Any1 to help?
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2003
    Posts
    3,571
    Rep Power
    595
    What kind of response are you expecting? You have shown no code nor anything for us to look at. Please read Maniac Dan's New User Guide to learn how to post a good question and for debugging tips.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  4. #3
  5. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    do I have to look for the crystal ball again, or will you show us the code?
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  6. #4
  7. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6352
    We're going to have to get a lot more information than this. What while loop? What structure is the page in?

    IF the code to print the form is less than 200 lines, paste it into the reply box, highlight it, and then click the white "PHP" button above the edit box.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    4
    Rep Power
    0
    I am so sorry. But I am new to this forum as well as this field. So here is the code.
    index.php

    <?php
    mysql_connect("localhost","root");
    mysql_select_db("mcq");
    $i=0;


    $a=mysql_query("select *from Qtypes") or die(mysql_error());
    ?>

    <table border="0" align="center">
    <tr>
    <?php while($list=mysql_fetch_array($a))
    {
    ?>


    <table align="center">
    <tr><td><?php echo $count;?></td></tr>
    <tr> <td align="center" style="font-size:24px"><a href="ques.php?que_type=<?php echo $list['que_type'];?>&k=0"><?php echo $list['que_type']; ?></a> </td></tr></table>





    <?php $i++;



    if($i == 3)
    {
    echo "</tr> <tr>";
    $i=0;
    }



    ?>
    </td>


    <?php } ?>

    </tr>

    </table>

    ------------------------------------------
    ques.php


    <?php
    mysql_connect("localhost","root");
    mysql_select_db("mcq");
    $i=0;


    $a=mysql_query("select *from ques WHERE que_type='".$_GET['que_type']."' ") or die(mysql_error());
    ?>

    <table border="0" align="center">
    <tr>
    <?php while($list=mysql_fetch_array($a))
    {
    ?>

    <form method="post" action="adminquery.php">
    <table >


    <tr><td>*<?php echo $list['que']; ?> </td></tr>
    <tr><td><input type="hidden" name="que_type" value="<?php echo $list['que_type'];?>"</td></tr>
    <tr><td><input name="op" type="radio" value="<?php echo $list['A'];?>"><?php echo $list['A'];?></td></tr>
    <tr><td><input name="op" type="radio" value="<?php echo $list['B'];?>"><?php echo $list['B'];?></td></tr>
    <tr><td><input name="op" type="radio" value="<?php echo $list['C'];?>"><?php echo $list['C'];?></td></tr>
    <tr><td><input name="op" type="radio" value="<?php echo $list['D'];?>"><?php echo $list['D'];?></td></tr>
    <tr><td><input name="btn1" type="submit"></td></tr>
    </table>
    </form>
    <?php } ?>


    -------------------------------------------------------------
    adminquery.php

    <?php
    mysql_connect("localhost","root");
    mysql_select_db("mcq");

    if(isset($_POST['btn1']))
    {
    mysql_query("insert into ans values(null,'".$_POST['op']."','".$_POST['que_type']."')") or die (mysql_error());

    header("location:index.php");
    }
    ?>
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    4
    Rep Power
    0
    Database name- mcq
    3 tables
    1)qtypes- qtid(int), quetype(varchar)
    2)ques-qid(int), que, A , B, C , D, que_type (all varchar)

    3)ans- aid(int), ans(varchar). qye_type(varchar)
  12. #7
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    before you do anything, you first need to fix a long list of huge security vulnerabilities.

    Not sure where you got this programming style from, but this piece of code has no security whatsoever. It's a playground for script kiddies and criminals, it's an open invitation for anybody to break into your server. All they need to do is inject SQL code through the URL or POST parameters and make use of the fact that you've carelessly connected as the database root ("just for testing", I guess).

    I hope this isn't online yet, because if it is, your server might already be busy sending spam mails.

    What you need to understand is that the Internet is not a happy place with friendly people using your website exactly as you intended. You must secure your code. Check out The 6 worst sins of security.

    You should also consider updating your skills. The mysql_ functions are obsolete since 10 years, and table layouts and stuff like the align attribute are obsolete since, I don't know, the late 90s. So whatever online tutorial or book you've been reading: Throw it away. It hasn't been updated since at least a decade.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  14. #8
  15. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6352
    I gave what I thought were very basic instructions.

    If you're just learning PHP from someone or something, never interact with them/that again. This code is awful and 10 years out of date.

    To answer your question directly:
    Move your <form> and </form> tags, as well as the submit button itself, OUTSIDE the while loop, that way all the inputs will be inside the form.

    Comments on this post

    • dmittner agrees : Careful: Give the answer without forcing him to change practices first, and Jacques might get after you.
    Last edited by ManiacDan; August 8th, 2013 at 12:09 PM.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  16. #9
  17. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    4
    Rep Power
    0
    Well thanks for reply.

    10 years outdated? Are u serious? I made few project and lets say successful project with same code.

    But here i got stuck becoz of this button coming after every question. If i get solution of that i think its not hard for me to complete this project with same code and best designing.

    Yes there is no security coz its just starting. I have to work more on it as its test project and set marks as well as grade also.

    But if i got solution of this i would like to share this project with all of u with same code.
  18. #10
  19. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,908
    Rep Power
    6352
    10 years outdated? Are u serious? I made few project and lets say successful project with same code.
    Very serious, the functions you're using were marked as "bad practices" in early 2004 or earlier.

    But here i got stuck becoz of this button coming after every question.
    Stop putting a button after every question then. Move the <form> tags and the submit button outside your loop. I said this already.

    But if i got solution of this i would like to share this project with all of u with same code.
    Given that it's 10 years out of date and has no security...we don't really want it.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  20. #11
  21. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    I wish a got a dollar for every poor excuse regarding insecure code. Then I'd be rich in a week.

    "But it's working!"
    "We've always done it this way!"
    "It's only for testing, I'll add security later!"
    "It's for a school project. We have to do it like that!"
    "The site is behind 42 firewalls, we've already taken good care of security."

    Yeah, sure, keep going. Some people have to learn the hard way.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  22. #12
  23. Transforming Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,245
    Rep Power
    9400
    As to the original question,

    BackToStudy: Now you have it so you can only answer one question at a time. You want it so you can submit multiple answers at once?

IMN logo majestic logo threadwatch logo seochat tools logo