I am trying to insert data from form with dynamically generated radio button for quiz page.I cant access the data posted by form with name as array.Please help me to do that.If you find any error it must be big help.Thankyou
<?php
$rs=mysql_query("select * from question where testid=$tid order by quesid ",$cn) or die(mysql_error());
$n=0;
while($row= mysql_fetch_row($rs)){?>
<form name=myfm method=post action=Quiz.php>
<table width=100%> <tr> <td width=30><td></td></td></tr> <table border=0>
<?php $n=$n+1; ?>
<tr><td>Question <?php echo $n." "; echo $row[2]; ?></td></tr>
<tr><td class=style8><input type="radio" name="ques['<?php echo $n; ?>'][]" value=1><?php echo $row[3]; ?></td></tr>
<tr><td class=style8> <input type="radio" name="ques['<?php echo $n; ?>'][]" value=2><?php echo $row[4];?></td></tr>
<tr><td class=style8><input type="radio" name="ques['<?php echo $n; ?>'][]" value=3><?php echo $row[5];?></td></tr>
<tr><td class=style8><input type="radio" name="ques['<?php echo $n; ?>'][]" value=4><?php echo $row[6];?></td></tr>
<?php
}
echo "<tr><td><input type=submit name=submit id='result' value='Get Result'></form>";
?>
</table></table>
</form>
data inserting page
<?php
$rs=mysql_query("select * from question where testid=$tid",$cn) or die(mysql_error());
if($submit=='Get Result')
{ $n=0;
while($row= mysql_fetch_row($rs)){
for($i=0;$i<count($_POST['ques']);$i++)
{$n=$n+1;
$ans=$_POST['ques'][$n][$i];
mysql_query("insert into useranswer(sessid, testid, ques, ans1,ans2,ans3,ans4,correctans,yourans) values ('".session_id()."', $tid,'$row[2]','$row[3]','$row[4]','$row[5]', '$row[6]','$row[7]','$ans')") or die(mysql_error());
}
?>
You have a variable $tid. Then it should be like this.
$rs=mysql_query("select * from question where testid=".$tid,$cn)
And don't forget to add mysql_real_escape_string in your queries.
mysql_real_escape_string — Escapes special characters in a string for use in an SQL statement.But this extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used.
UPDATE :::
mysql_real_escape_string
// We have not connected to MySQL
$lastname = "O'Reilly";
$_lastname = mysql_real_escape_string($lastname);
$query = "SELECT * FROM actors WHERE last_name = '$_lastname'";
UPDATE 2::
$tid = mysql_real_escape_string($tid);
$ans = mysql_real_escape_string($ans);
mysql_query("insert into useranswer(sessid, testid, ques, ans1,ans2,ans3,ans4,correctans,yourans) values ('".session_id()."', '". $tid ."','$row[2]','$row[3]','$row[4]','$row[5]', '$row[6]','$row[7]','". $ans .'")") or die(mysql_error());