newbaba Posted December 17, 2016 Share Posted December 17, 2016 <?php print_r (" <form name=\"form1\" method=\"post\" action=\"quizt1a.php\"> <div align=\"center\"> <table width=\"699\" border=\"1\" cellspacing=\"1\" cellpadding=\"0\" bordercolor=\"#000000\">"); $servername = "localhost"; $username = "root"; $password = ""; $dbname = "quizdb"; // Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); if (!$conn) { die("Connection failed: " . mysqli_connect_error()); //Get question Rows $sql = mysqli_query ("SELECT * FROM quizt1"); while ($row = mysqli_fetch_array($sql)) { $qno = $row["questionno"]; $question = $row["question"]; $qanswer1 = $row["answer1"]; $qanswer2 = $row["answer2"]; $qanswer3 = $row["answer3"]; $qanswer4 = $row["answer4"]; $qanswer5 = $row["answer5"]; print_r ("<tr> <td width=\"26\">$qno</td> <td width=\"360\">$question</td> <td width=\"281\"> <select name=\"question$qno\" class=\"formbox1\"> <option value=\"0\" selected>-- Answers --</option> <option value=\"1\">$qanswer1</option> <option value=\"2\">$qanswer2</option>"); if ($qanswer3 <> ""){ print_r "<option value=\"3\">$qanswer3</option>";}; if ($qanswer4 <> ""){ print_r "<option value=\"4\">$qanswer4</option>";}; if ($qanswer5 <> ''){ print_r "<option value=\"5\">$qanswer5</option>";}; { print_r "</select></td></tr>"; } print_r '$quizid'; } } ?> Quote Link to comment Share on other sites More sharing options...
benanamen Posted December 17, 2016 Share Posted December 17, 2016 (edited) You are using print_r wrong and several of them are formatted wrong anyways. Replace all the print_r's with echo but even then, the code is still badly written. There is no need to echo/print $100% HTML. http://php.net/manual/en/function.print-r.php Edited December 17, 2016 by benanamen Quote Link to comment Share on other sites More sharing options...
ginerjm Posted December 17, 2016 Share Posted December 17, 2016 Have you tried it with error checking turned on? Also - you could add some echos throughout the code to ensue that the script is doing what you expect. Quote Link to comment Share on other sites More sharing options...
newbaba Posted December 18, 2016 Author Share Posted December 18, 2016 thanks alot for your prompt reply will update and post it here if any issue again Quote Link to comment Share on other sites More sharing options...
Solution Jacques1 Posted December 18, 2016 Solution Share Posted December 18, 2016 Several things: Don't show your internal database errors to your visitors. It's very irritating for legitimate users, and it helps attackers gain information about your system. Instead, enable exceptions, so that error messages are automatically sent to the right device according to your PHP configuration (an error log in production, the developer's screen during development). Your database structure is broken. Whenever you find yourself numbering table names or columns, there's something wrong. SQL is not Excel. It's a database system with specific rules how to store data. Don't use SELECT *. Always select specific columns. Don't copy every item of the $row array into an extra variable. Just access the array items whenever you need them: $row['index_of_the_item']. You'll want a more meaningful name than $row, though. Stylistic HTML attributes like align, width, color etc. are dead since 1997. We have CSS now. If this is the entire script, you're also failing to output a complete and valid HTML document. Create a function for your database connection so that you can reuse this code in all your scripts: database.php <?php /** * Establishes a MySQL database connection using mysqli * * @param $host string the hostname or IP address of the database server (e. g. "localhost") * @param $user string the name of the database user * @param $password string the password of the database user * @param $database string the database name * @param $charset string the character encoding of the connection (e. g. "utf8) * * @return mysqli the connection * * @throws mysqli_exception if the connection failed */ function connect_to_database($host, $user, $password, $database, $charset) { // make mysqli throw an exception whenever it encounters a problem $mysqli_driver = new mysqli_driver(); $mysqli_driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; $database_connection = mysqli_connect($host, $user, $password, $database); // specify the character encoding of the database connection $database_connection->set_charset($charset); return $database_connection; } Then create a configuration script to hold the connection parameters: configuration.php <?php const DATABASE_HOST = 'localhost'; const DATABASE_USER = '...'; const DATABASE_PASSWORD = '...'; const DATABASE_NAME = '...'; const DATABASE_ENCODING = 'utf8'; Fix your database structure. For example: TABLES quizzes - quiz_id questions - question_id - question answers - question_id - answer - is_correct quiz_questions - quiz_id - question_id Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.