我有这个代码供审查。
是否有任何方法可以隐藏您的真实答案,因为我已经将其与我的代码一起发布,以便将其与答案进行比较。
<?php
function getQuestions()
{
require("connection.php");
$questions = array();
$query = mysql_query("SELECT * FROM `question` order by id ") or dir(mysql_error());
if (mysql_num_rows($query) > 0) {
while ($fetch = mysql_fetch_assoc($query)) {
$questions['questions'] = $fetch;
if (!empty($questions)) {
echo "<table width='100%'>";
foreach ($questions as $qstn)
echo "<hr size='2%'>"; {
echo "<tr><td>" . $qstn["question"] . "</td></tr>";
echo "<tr><td><input type='radio' name='ans1' required='required' title='Please Answer the Questions'>" . $qstn["ans1"] . "</td></tr>";
echo "<tr><td><input type='radio' name='ans2' required='required' title='Please Answer the Questions'>" . $qstn["ans2"] . "</td></tr>";
echo "<tr><td><input type='radio' name='ans3' required='required' title='Please Answer the Questions'>" . $qstn["ans3"] . "</td></tr>";
"<tr><td><input type='hidden' name='TrueAns'>" . $qstn["TrueAns"] . "</td></tr>";
}
echo "</table>";
}
}
}
return $questions;
}
getQuestions();
$submit = $_POST['submit'];
$ans1 = $_POST['ans1'];
$ans2 = $_POST['ans2'];
$ans3 = $_POST['ans3'];
$TrueAns = $_POST['TrueAns'];
if ('ans1' == 'TrueAns') {
echo "correct answer";
} else {
echo "wrong answer";
}
if ('ans2' == 'TrueAns') {
echo "correct answer";
} else {
echo "wrong answer";
}
if ('ans3' == 'TrueAns') {
echo "correct answer";
} else {
echo "wrong answer";
}
?>
<html>
<head>
<meta http-equiv="content-type" content="text/html" />
<meta name="author" content="MOHAMMED" />
<title>Question</title>
</head>
<body>
<form action="test.php" method="POST">
<button type="submit" value="answer">submit your answer</button>
</form>
</body>
</html>
答案 0 :(得分:4)
为什么要在表格中存储答案?在发布帖子之后,您应该从表格中得到答案,而不是将回复验证反馈给您。
您不想将发布的值与TrueAns进行比较,而是希望获取问题的ID,并将其与针对该特定问题的$ qstn [“TrueAns”]进行比较。
您验证的答案不应该被发送到客户端,这可以全部验证服务器端。