My goal is to create a general template to be used to INSERT INTO testquiz (a MySQL table). This will be used for storing quiz results and user information (name and email are the only user input in the database) from quiz takers. I am new to PHP/MySQL and feel like I am just stumbling around.
My problem is that I am unable to get the $_POST values that are generated by the quiz to appear in the database. I know the values are being generated because they will display with a basic echo. There is a 'send to email' feature that works with the values that is working as well. I can get this code to work if I manually assign values to the $_POST array by uncommenting the first comment block.
What am I missing here?
Sidenote: I'll take security suggestions as well. Thank you.
Code below (user specific information omitted):
<?php
//disable magic quotes (PHP book says it's a good idea)
if (get_magic_quotes_gpc())
{
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process))
{
foreach ($val as $k => $v)
{
unset($process[$key][$k]);
if (is_array($v))
{
$process[$key][stripslashes($k)] = $v;
$process[] = &$process[$key][stripslashes($k)];
}
else
{
$process[$key][stripslashes($k)] = striplashes($v);
}
}
}
unset($process);
}
/* //Manually declare $_POST variables (can be disabled)
$_POST['v'] = '6.5.1';
$_POST['sp'] = 80;
$_POST['psp'] = 75;
$_POST['tp'] = 80;
$_POST['sn'] = 'user';
$_POST['se'] = 'abc123@fake.com';
$_POST['qt'] = 'Test Quiz';
*/
//Assign $_POST values to static variables???
$version = $_POST['v'];
$points = $_POST['sp'];
$passing_percent = $_POST['psp'];
$gained_score = $_POST['tp'];
$username = $_POST['sn'];
$email = $_POST['se'];
$quiz_title = $_POST['qt'];
//MySQL database connection PDO
try
{
$pdo = new PDO('mysql:host=localhost;dbname=quizresults', 'user', 'password');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('SET NAMES "utf8"');
}
catch (PDOException $e)
{
$error = 'Unable to connect to the database server.';
include 'error.html.php';
exit();
}
//Prepare input for database entry
try
{
$sql = $pdo->prepare("INSERT INTO testquiz (version, points, passing_percent, gained_score, username, email, quiz_title, date) VALUES (:version, :points, :passing_percent, :gained_score, :username, :email, :quiz_title, CURDATE())");
$sql->execute(array(":version" => $version, ":points" => $points, ":passing_percent" => $passing_percent, ":gained_score" => $gained_score, ":username" => $username, ":email" => $email, ":quiz_title" => $quiz_title));
//echo for debugging purposes
echo $version . '<br />', $points . '<br />', $passing_percent . '<br />', $gained_score . '<br />', $username . '<br />', $email . '<br />', $quiz_title . '<br />', date(DATE_ATOM);
}
catch (PDOException $e)
{
$error = 'Error adding quiz results to database: ' . $e->getMessage();
include 'error.html.php';
exit();
}
//Calculate user score
$points_num = (int)$points;
$passing_num = ((int)$passing_percent)/100 * (int)$gained_score;
//Write results to a text file
$f = fopen("result.txt", "w") or die("Error opening file 'result.txt' for writing");
fwrite($f, "--------------------------\n");
fwrite($f, "User name: ".$username."\n");
fwrite($f, "User email: ".$email."\n");
fwrite($f, "Quiz title: ".$quiz_title."\n");
fwrite($f, "Points awarded: ".$points."\n");
fwrite($f, "Total score: ".$gained_score."\n");
fwrite($f, "Passing score: ".$passing_num."\n");
if ($points_num >= $passing_num)
{
fwrite($f, "User passes\n");
}
else
{
fwrite($f, "User fails\n");
}
fwrite($f, "--------------------------\n");
if($f)
{
fclose($f);
}
?>
https://stackoverflow.com/questions/23306650
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian