1

I'm building a quiz web application that is dynamically generated from a database on my server. I have pretty much implemented all the functionality, the only missing piece is making it capable of providing multiple quizzes. Right now I have to manually write in the code $quiz_id = 1, $quiz_title = "geography" in the quiz.php script for it to run correctly. If I can generate the values for these two variables my quiz.php would work for multiple quiz topics.

So, herein lies my problem: I'd like the user to be able to choose from a list of quiz topics (on the page quizlist.php), click on the link of the quiz they want to take, and then bring them to a page with the quiz questions/choices (on the page quiz.php). Additionally, I'd like to send some values from quizlist.php to quiz.php associated with the specific link the user clicked. I'd like to send the quiz_id and quiz_title to the page quiz.php in order to present the correct set of questions.

I believe there is a way to do this using $_GET or $_POST, as well as using $_SESSION. My questions is which way is better? And how do I do it? I hear $_SESSION is more secure but I'm not sure if I am really worried about this data (quiz_id and quiz_title) being secure.

Currently, here is the code for quizlist.php

<?php
  // Start the session
  require_once('startsession.php');

  // Insert the page header
  $page_title = 'Quiz List';
  require_once('header.php');

  require_once('connectvars.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['user_id'])) {
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    exit();
  }

  // Show the navigation menu
  require_once('navmenu.php');

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  // Determine number of quizes based on title in quiz table
  $query = "SELECT * FROM quiz";
  $data = mysqli_query($dbc, $query);
  // Loop through quiz titles and display links for each
  while ($row = mysqli_fetch_array($data)) {
    echo '<a href="quiz.php">' . $row['title'] . '</a><br />';
  }

  mysqli_close($dbc);

  // Insert the page footer
  require_once('footer.php');
?>

Thanks for the help!

Improve this question
3
  • You could use sessions for making "global" variables. Commented Oct 12, 2011 at 0:55
  • 1
    Tackle one problem at a time first the list of question working then the authentication. You should use GET because SESSION is for things specific to a given user. POST is for code that modifies the server side (here you only load things from the database). And GET is to retrieve server-side information which is exactly your case. Commented Oct 12, 2011 at 1:04
  • Thank you for the precise breakdown of $_SESSION, $_POST, and $_GET. Commented Oct 12, 2011 at 9:36

3 Answers 3

Reset to default
5

Use $_GET.

First, you're going to want to change this line

echo '<a href="quiz.php">' . $row['title'] . '</a><br />';

To something like this:

echo '<a href="quiz.php?id='.$row['id'].'">' . $row['title'] . '</a><br />';

And then in quiz.php, retrieve the appropriate quiz using $_GET['id'] as your primary key to look it up in the database.

You should store your quiz title there too (in the db).

$_GET is appropriate here because you're just using an ID to determine which quiz to display. There's no need for confidentiality here. You would use $_POST when you're submitting form data which alters the database. $_SESSION is useful for storing basic login info and other stuff that must persist across multiple pages for the life of the session, such as wizard forms.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

To "send" values from one PHP page to another, you can use sessions or GET variables sent in the url.

Sessions: 

$_SESSION["quiz_id"] = 1;
$_SESSION["quiz_title"] = "geography";

URL: mypage.php?quiz_id=1&quiz_title=geography

$quiz_id = $_GET["quiz_id"];
$quiz_title = $_GET["quiz_title"];

To send values from the client to the server, you will have to use an HTML form or AJAX.

Improve this answer

3 Comments

Yes, he can use $_SESSION to pass that stuff across pages, but why would he even be passing those values? They're hard-coded!
Why would you use session in that case?
In his situation, he probably should not use sessions. I was just showing how to use them, as that was part of his question.
0

First of all, tackle one problem at a time first the list of question working then the authentication.

You should use GET because:

  • $_SESSION is to store things specific to a given user its behaviour and authentication information such as a token.
  • $_POST is for code that modifies the server side (here you only load things from the database).
  • $_GET is to retrieve server-side information which is exactly your case.

Here loading a question is not something that should be different from one user to another. It will not directly modify something on the server-side. This is why you should use GET. Using something else will work but it is not the proper way to do it.

So basically what you change is:

echo '<a href="quiz.php">' . $row['title'] . '</a><br />';

by

echo '<a href="quiz.php?q_id='.$row['id'].'">' . $row['title'] . '</a><br />';

And in you quizz page you can now know the id of the question (stored by default in $_GET["qid"]) and do whatever you want with it. This of course can be applied to other variables.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.