htmlspecialchars issue

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
zed420
Forum Commoner
Posts: 32
Joined: Wed Jun 04, 2008 11:24 am

htmlspecialchars issue

Post by zed420 »

Hi All
I wonder if you can help me, I'm fairly new to PHP, I'm trying create a quiz for my website I did well so far till it came to insert html tags into databse. I've managed to insert and display them by using 'htmlspecialchar' but now the query wont count those questions that have tags as their options, for example

Code: Select all

 
Question Choose the correct HTML tag to make a text italic
Opt1 <Italic>
Opt2 <i>
Opt3 <ii>
 
When you click on Opt2 this should be counted as one of your right answer but it DOES NOT. but on same question if you don't use tags in options (Opt) it will work. This is how I am finding the results;

Code: Select all

 
$query = "SELECT * FROM php_tb ORDER BY id";
$result = mysql_query($query)
or die ("Couldn't execute query 2."); 
 
if (!$_POST['submit']) 
{ 
echo "<form method=post action=$PHP_SELF>"; 
while ($row = mysql_fetch_array($result)){ 
$id= $_POST["id"];
$question= $_POST["question"];
$opt1= $_POST["opt1"];
$opt2= $_POST["opt2"];
$opt3= $_POST["opt3"];
$answer= $_POST["answer"];
 
} 
} 
 
elseif ($_POST['submit']) 
{ 
$score = 0; 
$total = mysql_num_rows($result); 
while ($row = mysql_fetch_array($result)){ 
$answer = $row[answer]; 
$z = "q$row[id]"; 
$z = trim($z);
if ($_POST[$z] == $answer) 
{ 
$score++; 
} 
} 
 
echo "<p align=center><b>You scored $score out of $total</b></p>";
echo "<p>"; 
if ($score == $total) {
echo "Congratulations! You got all the question right!";
echo "<p>Well done $name, with a score of $score, 
</p>"; 
 
Any help would be appreciated
Zed
User avatar
vargadanis
Forum Contributor
Posts: 158
Joined: Sun Jun 01, 2008 3:48 am
Contact:

Re: htmlspecialchars issue

Post by vargadanis »

Hi!
Welcome to the forums.

So, the htmlspecialchars decodes the chars to HTML codes such as: á -> &aacute; If you search the database for á but &aacute; is stored, it will not return true.
So, if you are searching for the <i> tag, use the htmlspecialchars for the posted result as well. This way the posted option will be with the one stored in the DB.
zed420
Forum Commoner
Posts: 32
Joined: Wed Jun 04, 2008 11:24 am

Re: htmlspecialchars issue

Post by zed420 »

Where in result page would you suggest I should put this .
Thanks
Zed
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Re: htmlspecialchars issue

Post by RobertGonzalez »

If you are inserting htmlspecialchars strings then you need to search htmlspecialchars. What that means is when a user searches, take their search term and htmlspecialchars it.
User avatar
vargadanis
Forum Contributor
Posts: 158
Joined: Sun Jun 01, 2008 3:48 am
Contact:

Re: htmlspecialchars issue

Post by vargadanis »

Where in result page would you suggest I should put this .
Thanks
Zed
Everah answered it. :)
Post Reply