Passing Variables between two Pages using $_POST and $_GET is not working for me

PHP
1

Hello,
I have been trying to pass a variable between two pages using the $_GET and $_POST methods. But its not working for me.

Having been able to retrieve data from my database table on a particular page using:
<?php
$yesnoquestion_id = mysql_prep($_GET[‘yesnoquestion’]);
?>
the above php line is working fine.

BUT

Now, moving to another page to pass in this variable “$yesnoquestion_id” to the page and storing it into another table in the database has been difficult for me.
This is the command line i have written:

<?php
$student_id = $_SESSION[‘user_id’];
$stu_yes_no_answer = $_POST[‘stu_yes_no_answer’];

$yesnoquestion_id = $_POST['yesnoquestion'];

?>

<?php
$query = “INSERT INTO yesnoanswers (
student_id, student_answer, yesnoquestion_id
)VALUES (
{$student_id}, {$stu_yes_no_answer}, {$yesnoquestion_id}
)”;
//$result = mysql_query($query, $connection);

if (mysql_query($query, $connection)){
    //success!
    header("Location: yes_no_choice_student.php");
    exit;
}else {
    //display error msge
    echo "&lt;p&gt;Question answering failed.&lt;/p&gt;";
    echo "&lt;p&gt;" . mysql_error() . "&lt;/p&gt;";
}

?>

Please note that this is working fine without the addition of the $yesnoquestion_id…
But i need this $yesnoquestion_id to be included in the table.
Please help me.
Thank you:confused:

2

Call session_start() before any use of $_SESSION

3

Yea…I have done that already…if i take off the $yesnoquestion_id from the table, everything will be working fine…
The main problem is trying to post $yesnoquestion_id into the database.

4

I have a stupid question – since we’re not seeing your FORMS is the form you’re submitting sending it via method=“post”?

You’re showing us your handler, but you didn’t show us what you are using to send data TO your handler – as such we only have half the picture.

5

The confusion about get/post aside …

Run this and note the diffs between them:


<?php
var_dump(12);
var_dump("12");

If the values coming from your forms are going to be treated as integers in your query then typecast them as such when you receive them.


$stu_yes_no_answer =(int)$_POST['stu_yes_no_answer'];
$yesnoquestion_id =(int)$_POST['yesnoquestion'];

Then you can be sure they are integers (or they fail because they will be turned to 0 zero)


if( $stu_yes_no_answer === 0 
  || $yesnoquestion_id ===0){
// something was not right
}

…so now they are not strings containing integers, and you do not need to quote them in your sql query - and you can be assured they at least cannot be used as an an sql injection attack vector.

You’d still be better off using prepared queries by correctly using either mysqli or PDO.

6

Side note: As long as your yes_no_answer cant be 0, anyway. Otherwise you’ve got problems saying === 0.

7

Hello Everyone…So as to make all things clear let me send the two pages am talking about to you all.

The Fist page is:

<?php require_once(“includes/session.php”); ?>
<?php
session_register (“student_id”);
?>
<?php require_once(“includes/connection.php”); ?>
<?php require_once(“includes/functions.php”); ?>
<?php confirm_logged_in(); ?>
<?php find_selected_page();?>
<?php include(“includes/header.php”); ?>
<table id=“structure”>
<tr>
<td id=“navigation”>
<?php echo student_navigation($sel_yesnoflag, $sel_yesnoquestion); ?>
<br /><br />
<a href=“logout_student.php”> <b>Click here to Log out</b></a><br />
</td>
<td id=“page”>
<h3><?php echo $_SESSION[‘username’]; ?>'s account</h3>
<h3><p> Please answer the following True/False questions. </p></h3>
<?php if ($sel_yesnoquestion){ ?>
<form action=“create_yesno_answer.php?ynflag=<?php echo $sel_yesnoflag[‘id’]; ?>” method=“post”>
<?php $student_id = $_SESSION[‘user_id’]; ?>

                &lt;?php
                    echo $sel_yesnoquestion['id'];
                    $yesnoquestion_id = (int) mysql_prep($_GET['yesnoquestion']);
                    echo $yesnoquestion_id;
                        
                ?&gt;
                
            &lt;h2&gt;&lt;?php echo htmlentities($sel_yesnoquestion['yesnoquestion_name']); ?&gt;&lt;/h2&gt;
            &lt;div class="page-content"&gt;
                &lt;?php echo htmlentities($sel_yesnoquestion['yesnoquestion_content']); ?&gt;
                &lt;br /&gt;
                &lt;br /&gt;
                &lt;input type="radio" name="stu_yes_no_answer" value="1" /&gt; True
                &nbsp;
                &lt;input type="radio" name="stu_yes_no_answer" value="0" /&gt; False
                &lt;br /&gt;
                &lt;br /&gt;
                &lt;input type="submit" name="submit" value="submit" /&gt;
                &lt;/form&gt;
            &lt;/div&gt;
        &lt;?php } else { ?&gt;
            &lt;i&gt;* &lt;u&gt;Note:&lt;/u&gt; To answer any question, Please make sure select the questions from the categories.&lt;/i&gt;
        &lt;?php } ?&gt;
    &lt;/td&gt;
&lt;/tr&gt;

</table>
<?php require(“includes/footer.php”);?>

And Here is the second page:

<?php require_once(“includes/session.php”); ?>
<?php require_once(“includes/connection.php”); ?>
<?php require_once(“includes/functions.php”); ?>
<?php //find_selected_page();?>

<?php
$student_id = $_SESSION[‘user_id’];
$stu_yes_no_answer = $_POST[‘stu_yes_no_answer’];
//$yesnoquestion_id = $_GET[‘yesnoquestion’];
$yesnoquestion_id = $_POST[‘yesnoquestion’];

?>

<?php
global $connection;
$query = “INSERT INTO yesnoanswers (
student_id, student_answer, yesnoquestion_id
)VALUES (
{$student_id}, {$stu_yes_no_answer}, {$yesnoquestion_id}
)”;
//$result = mysql_query($query, $connection);

if (mysql_query($query, $connection)){
    //success!
    header("Location: yes_no_choice_student.php");
    exit;
}else {
    //display error msge
    echo "&lt;p&gt;Question answering failed.&lt;/p&gt;";
    echo "&lt;p&gt;" . mysql_error() . "&lt;/p&gt;";
}

?>

<?php mysql_close($connection); ?>

8

Looks like Starlions hunch was correct, 0 is an expected response.

I think you need to do this right at the top of your file.


<?php
var_dump($_GET);
var_dump($_POST);
var_dump($_SESSION);

…and just check your expectations and the values you are basing conditional code upon.

and then echo out your sql statement and see if it is correct.


echo $query;

I mean echo that query onto the screen, copy it and paste it directly into your database. Do you get any errors? Did you have any strings that needed quoting?

9

You are NOT setting method on your forms… so it is probably defaulting to GET. Wait, no… it’s there… just getting chopped off. Given the invalid form structure I’d be surprised if this even worked anywhere.

That’s a PERFECT example of “opening and closing PHP for NOTHING”, and the markup is the biggest pile of nonsense I’ve seen in ages. multiple H3’s when you aren’t even starting new sections, H2 that should probably be a legend, tables for nothing, paragraphs inside heading tags, value setting in the middle of your output, invalid form structure, plaintext instead of labels…

Basically 2.2k of gibberish doing 1.7k’s job.

ASSUMING we keep the tables for layout (boo)


<?php

require_once("includes/session.php");
session_register ("student_id");
require_once("includes/connection.php");
require_once("includes/functions.php");
confirm_logged_in();
find_selected_page();
include("includes/header.php");

echo '
<table id="structure">
	<tr>
		<td id="navigation">
			',student_navigation($sel_yesnoflag, $sel_yesnoquestion),'
			<br /><br />
			<a href="logout_student.php"> <b>Click here to Log out</b></a>
		</td>
		<td id="page">
			<h3>
				',$_SESSION['username'],'\\'s account<br />
				<small>Please answer the following True/False questions.</small>
			</h3>';
			
if ($sel_yesnoquestion) {
	$student_id = $_SESSION['user_id'];
	$yesnoquestion_id = (int) mysql_prep($_GET['yesnoquestion']);
	echo '
			<form
				action="create_yesno_answer.php?ynflag=',$sel_yesnoflag['id'],'"
				method="post"
			>
				<fieldset>
					',$sel_yesnoquestion['id'],'
					',$yesnoquestion_id,'
    			<legend><span>
    				',htmlentities($sel_yesnoquestion['yesnoquestion_name']),'
    			</span></legend>
					<p>
						',htmlentities($sel_yesnoquestion['yesnoquestion_content']),'
					</p>
					<input type="radio" name="stu_yes_no_answer" id="stuTrue" value="1" />
					<label for="stuTrue">True</label>
					<input type="radio" name="stu_yes_no_answer" id="stuFalse" value="0" />
					<label for="styFalse">False</label><br />
					<br />
					<input type="submit" name="submit" value="submit" />
				</fieldset>
			</form>';
} else {
	echo '
			<i>* <u>Note:</u> To answer any question, Please make sure select the questions from the categories.</i>';
}
echo '
		</td>
	</tr>
</table>';

require("includes/footer.php");

?>
<?php

require_once("includes/session.php");
session_register ("student_id");
require_once("includes/connection.php");
require_once("includes/functions.php");
confirm_logged_in();
find_selected_page();?>
include("includes/header.php");

echo '
<table id="structure">
	<tr>
		<td id="navigation">
			',student_navigation($sel_yesnoflag, $sel_yesnoquestion),'
			<br /><br />
			<a href="logout_student.php"> <b>Click here to Log out</b></a>
		</td>
		<td id="page">
			<h3>
				',$_SESSION['username'],'\\'s account<br />
				<small>Please answer the following True/False questions.</small>
			</h3>';
			
if ($sel_yesnoquestion) {
	$student_id = $_SESSION['user_id'];
	$yesnoquestion_id = (int) mysql_prep($_GET['yesnoquestion']);
	echo '
			<form
				action="create_yesno_answer.php?ynflag=',$sel_yesnoflag['id'],'"
				method="post"
			>
				<fieldset>
					',$sel_yesnoquestion['id'],'
					',$yesnoquestion_id,'
    			<legend><span>
    				',htmlentities($sel_yesnoquestion['yesnoquestion_name']),'
    			</span></legend>
					<p>
						',htmlentities($sel_yesnoquestion['yesnoquestion_content']),'
					</p>
					<input type="radio" name="stu_yes_no_answer" id="stuTrue" value="1" />
					<label for="stuTrue">True</label>
					<input type="radio" name="stu_yes_no_answer" id="stuFalse" value="0" />
					<label for="styFalse">False</label><br />
					<br />
					<input type="submit" name="submit" value="submit" />
				</fieldset>
			</form>';
} else {
	echo '
			<i>* <u>Note:</u> To answer any question, Please make sure select the questions from the categories.</i>';
}
echo '
		</td>
	</tr>
</table>';

require("includes/footer.php");

?>

… and even then I’m not sold on H3 being the correct tag, the table has NO business even being in there, etc, etc…

On the logic side, you aren’t setting either of the radio buttons to selected, and you have no checks for ‘isset’ – also it would be a really good idea to TYPECAST before sending $_POST to the query.

Though what type is student_answer in the database? Is that integer? an SQL boolean? If you feed 0 and 1 to SQL bool that typically does NOT work…