-2
私はランダムにシャッフルして複数の選択肢の質問をまとめたクイズサイトを持っています。正しい答え(他のデータと同様に)はセッション変数に格納され、生徒の回答はPOSTを介して送信されます。クイズフォームの提出がリンクするページで、SESSIONの正解がPOSTデータと比較され、クイズの結果が表示されます。サイトは正常に動作していたので、突然動作を停止させるために何が起こったのか分かりません。フォーム送信後に新しいセッションにPHPセッション変数が残らない
私は両方のページでsession_idが同じであることを確認しました。私は、start_session()がすべてのHTMLの上に適切に配置されていることを確認しました。そして、最初のページと2番目のページでvar_dump($ _ SESSION)を呼び出すことによっても確認されました。
ここには、クイズフォームを組み立てる「startquiz.php」のコードがあります。問題のセッション変数は、単に「DISPLAY A QUESTION LOOP」
<?php
require_once('appvars.php');
require_once('startsession.php');
require_once('generalauthorize.php');
$page_title = '10 Question Quiz';
require_once('header.php');
require_once('navbar.php');
require_once('connectvars.php');
//=================MySQL HANDLING====================
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$quizcount = count($_GET);
$content_array = [];
foreach($_GET as $quiz_content){
$quiz_content = $quiz_content . ' = 1';
array_push($content_array, $quiz_content);
}
$where_clause = implode(' OR ', $content_array);
$query = 'SELECT * FROM questionbank WHERE ' . $where_clause;
$data = mysqli_query($dbc, $query);
$questions_found = mysqli_num_rows($data);
mysqli_close($dbc);
//==================MySQL HANDLING=======================
if ($questions_found > 9) {
//==========MAKE A LIST OF POSSIBLE QUESTIONS==================
$possible_questions_array = [];
while ($row = mysqli_fetch_array($data)) {
array_push($possible_questions_array, $row);
}
//==========MAKE A LIST OF POSSIBLE QUESTIONS=================
// ============DECIDE WHICH 10 QUESTIONS TO USE=================
$quiz_array = [];
for($i = 0; $i < 10; $i++) {
$question_bank_count = count($possible_questions_array);
$random_question_number = rand(0, ($question_bank_count - 1));
array_push($quiz_array, $possible_questions_array[$random_question_number]);
array_splice($possible_questions_array, $random_question_number, 1);
}
// ============DECIDE WHICH 10 QUESTIONS TO USE=================
//============CREATE QUESTION META DATA ARRAY=================
$quiz_metadata_array = [];
for ($i = 0; $i < count($quiz_array); $i++) {
$question_holder = $quiz_array[$i];
$metadata_only = array_splice($question_holder, 12);
array_push($quiz_metadata_array, $metadata_only);
}
//============CREATE QUESTION META DATA ARRAY=================
echo '<div class="quiz-container">';
echo '<h2 class="mainpagetitles">Good Luck!</h2>';
echo '<br />';
echo '<form role="form" method="post" action="processquiz.php">';
//==============CREATE ARRAYS TO HOLD QUIZ DATA==========
$correct_answers = [];
$question_prompts = [];
//==============CREATE ARRAYS TO HOLD QUIZ DATA==========
//===============DISPLAY A QUESTION LOOP==================
for($i = 0; $i < (count($quiz_array)); $i++){
array_push($question_prompts, $quiz_array[$i]['question']);
//==================ISOLATE THE ANSWERS===============
$answers_array = [];
array_push($correct_answers, $quiz_array[$i]['answer']);
array_push($answers_array, $quiz_array[$i]['answer']);
array_push($answers_array, $quiz_array[$i]['distractor1']);
array_push($answers_array, $quiz_array[$i]['distractor2']);
array_push($answers_array, $quiz_array[$i]['distractor3']);
//==================ISOLATE THE ANSWERS===============
//=================SCRAMBLE THE ANSWERS==============
$scrambled_array = [];
$answer_count = count($answers_array);
for ($j = 0; $j < $answer_count; $j++) {
$random_answer_number = rand(0, (count($answers_array) - 1));
array_push($scrambled_array, $answers_array[$random_answer_number]);
array_splice($answers_array, $random_answer_number, 1);
}
//=================SCRAMBLE THE ANSWERS==============
//====================CREATE THE HTML=================
echo '<h3>Question ' . ($i + 1) . '.</h3>';
echo '<div class="question-container">';
echo '<p class="question">' . $quiz_array[$i]['question'] . '</p>';
//==============LOOP THROUGH THE SCRAMBLED ANSWERS===========
for($k = 0; $k < (count($scrambled_array)); $k++) {
echo '<label for="' . $i . $k . '" class="answer_choice">' . (chr((65 + $k))) . ': </label>';
echo '<input value="' . $scrambled_array[$k] . '" id="' . $i . $k . '" class="answer_choice" type="radio" name="' . $i . '" required><p class="answer_choice"> ' . $scrambled_array[$k] . '</p><br />';
}
//==============LOOP THROUGH THE SCRAMBLED ANSWERS===========
echo '</div>';
echo '<hr>';
//====================CREATE THE HTML=================
}
//===============DISPLAY A QUESTION LOOP==================
echo '<div class="center">';
$_SESSION['correct_answers'] = $correct_answers;
$_SESSION['question_prompts'] = $question_prompts;
$_SESSION['current_quiz'] = $_GET;
$_SESSION['current_quiz_meta'] = $quiz_metadata_array;
echo session_id();
echo '<button type="submit" class="centered-button">Finished!</button>';
echo '</div>';
echo '</form>';
echo '</div>';
} else {
echo '<div class="quiz-container">';
echo '<h2 class="center">Oh no!</h2>';
echo '<h4 class="center">It looks like there aren\'t enough questions in the database to take a quiz for this category yet!</h4>';
echo '<h4 class="center">Talk to your English teachers about adding some more.</h4>';
echo '<h4 class="center">Sorry about that!</h4><br />';
echo '<a class="main_menu_button" href="quizselect.php"> Okay </a>';
echo '</div>';
}
require_once('bootstrapfooter.php');
?>
の終了後であり、ここでクイズ処理ページのコードです。このページにvar_dump($ _ SESSION)を挿入するとセッション中のログイン変数が得られますが、それ以外は何もありません。
<?php
require_once('appvars.php');
require_once('startsession.php');
require_once('generalauthorize.php');
$page_title = 'Quiz Results';
require_once('header.php');
require_once('navbar.php');
require_once('connectvars.php');
//=====HAND OFF CURRENT QUIZ KEYWORDS TO LOCAL VARIABLE AND RESET GLOBAL====
$current_quiz = [];
foreach ($_SESSION['current_quiz'] as $key => $value) {
array_push($current_quiz, $value);
}
$_SESSION['current_quiz'] = "";
//=====HAND OFF CURRENT QUIZ KEYWORDS TO LOCAL VARIABLE AND RESET GLOBAL====
//=======UPDATE THE NUMBER OF THIS QUIZ TYPE TAKEN FOR THE USER ===========
$increment_these_quizzes = [];
for ($i = 0; $i < count($current_quiz); $i++) {
if ($current_quiz[$i] == "english_1_1" || $current_quiz[$i] == "english_1_2") {
if (!in_array('english_1_quiz_taken = english_1_quiz_taken + 1', $increment_these_quizzes)) {
$array_insert = 'english_1_quiz_taken = english_1_quiz_taken + 1';
array_push($increment_these_quizzes, $array_insert);
}
} elseif ($current_quiz[$i] == "english_2ot_1" || $current_quiz[$i] == "english_2ot_2") {
if (!in_array('english_2ot_quiz_taken = english_2ot_quiz_taken + 1', $increment_these_quizzes)) {
$array_insert = 'english_2ot_quiz_taken = english_2ot_quiz_taken + 1';
array_push($increment_these_quizzes, $array_insert);
}
} elseif ($current_quiz[$i] == "english_2pt_1" || $current_quiz[$i] == "english_2pt_2") {
if (!in_array('english_2pt_quiz_taken = english_2pt_quiz_taken + 1', $increment_these_quizzes)) {
$array_insert = 'english_2pt_quiz_taken = english_2pt_quiz_taken + 1';
array_push($increment_these_quizzes, $array_insert);
}
} elseif ($current_quiz[$i] == "english_2sw_1" || $current_quiz[$i] == "english_2sw_2") {
if (!in_array('english_2sw_quiz_taken = english_2sw_quiz_taken + 1', $increment_these_quizzes)) {
$array_insert = 'english_2sw_quiz_taken = english_2sw_quiz_taken + 1';
array_push($increment_these_quizzes, $array_insert);
}
} else {
$array_insert = $current_quiz[$i] . '_quiz_taken = ' . $current_quiz[$i] . '_quiz_taken + 1';
array_push($increment_these_quizzes, $array_insert);
}
}
$increment_this = implode(', ', $increment_these_quizzes);
$increase_quiz_count_query = "UPDATE memberinfo SET $increment_this WHERE user_id = $_SESSION[user_id]";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_query($dbc, $increase_quiz_count_query);
mysqli_close($dbc);
//=======UPDATE THE NUMBER OF THIS QUIZ TYPE TAKEN FOR THE USER ===========
//================GET QUESTION COUNT & SCORE QUIZ===========
$score = 0;
$question_count = count($_SESSION['correct_answers']);
for($i = 0; $i < $question_count; $i++) {
$switch = 0;
$keywords = [];
//==============CORRECT ANSWER HANDLING=====================
if ($_POST[$i] == $_SESSION['correct_answers'][$i]) {
$generic_array = [];
$correct_array = [];
$score++;
foreach ($_SESSION['current_quiz_meta'][$i] as $key => $value) {
if ($switch == 1) {
if ($value == 1) {
if ($key == "english_1_1" || $key == "english_1_2") {
if (!in_array('english_1_correct = english_1_correct + 1', $correct_array)) {
$key = 'english_1_correct = english_1_correct + 1';
array_push($correct_array, $key);
}
if (!in_array('english_1_answers = english_1_answers + 1', $generic_array)) {
$gkey = 'english_1_answers = english_1_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2ot_1" || $key == "english_2ot_2") {
if (!in_array('english_2ot_correct = english_2ot_correct + 1', $correct_array)) {
$key = 'english_2ot_correct = english_2ot_correct + 1';
array_push($correct_array, $key);
}
if (!in_array('english_2ot_answers = english_2ot_answers + 1', $generic_array)) {
$gkey = 'english_2ot_answers = english_2ot_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2pt_1" || $key == "english_2pt_2") {
if (!in_array('english_2pt_correct = english_2pt_correct + 1', $correct_array)) {
$key = 'english_2pt_correct = english_2pt_correct + 1';
array_push($correct_array, $key);
}
if (!in_array('english_2pt_answers = english_2pt_answers + 1', $generic_array)) {
$gkey = 'english_2pt_answers = english_2pt_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2sw_1" || $key == "english_2sw_2") {
if (!in_array('english_2sw_correct = english_2sw_correct + 1', $correct_array)) {
$key = 'english_2sw_correct = english_2sw_correct + 1';
array_push($correct_array, $key);
}
if (!in_array('english_2sw_answers = english_2sw_answers + 1', $generic_array)) {
$gkey = 'english_2sw_answers = english_2sw_answers + 1';
array_push($generic_array, $gkey);
}
} else {
$keyword_generic = $key . '_answers = ' . $key . '_answers + 1';
$keyword_correct = $key . '_correct = ' . $key . '_correct + 1';
array_push($generic_array, $keyword_generic);
array_push($correct_array, $keyword_correct);
}
}
$switch = 0;
} else {
$switch = 1;
}
}
$set_what_generic = implode(', ', $generic_array);
$set_what = implode(', ', $correct_array);
$update_query = "UPDATE memberinfo SET $set_what WHERE user_id = $_SESSION[user_id]";
$update_generic_query = "UPDATE memberinfo SET $set_what_generic WHERE user_id = $_SESSION[user_id]";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_query($dbc, $update_query);
mysqli_query($dbc, $update_generic_query);
mysqli_close($dbc);
//==============CORRECT ANSWER HANDLING=====================
//==============WRONG ANSWER HANDLING=====================
} else {
$generic_array = [];
foreach ($_SESSION['current_quiz_meta'][$i] as $key => $value) {
if ($switch == 1) {
if ($value == 1) {
if ($key == "english_1_1" || $key == "english_1_2") {
if (!in_array('english_1_answers = english_1_answers + 1', $generic_array)) {
$gkey = 'english_1_answers = english_1_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2ot_1" || $key == "english_2ot_2") {
if (!in_array('english_2ot_answers = english_2ot_answers + 1', $generic_array)) {
$gkey = 'english_2ot_answers = english_2ot_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2pt_1" || $key == "english_2pt_2") {
if (!in_array('english_2pt_answers = english_2pt_answers + 1', $generic_array)) {
$gkey = 'english_2pt_answers = english_2pt_answers + 1';
array_push($generic_array, $gkey);
}
} elseif ($key == "english_2sw_1" || $key == "english_2sw_2") {
if (!in_array('english_2sw_answers = english_2sw_answers + 1', $generic_array)) {
$gkey = 'english_2sw_answers = english_2sw_answers + 1';
array_push($generic_array, $gkey);
}
} else {
$keyword_generic = $key . '_answers = ' . $key . '_answers + 1';
array_push($generic_array, $keyword_generic);
}
}
$switch = 0;
} else {
$switch = 1;
}
}
$set_what_generic = implode(', ', $generic_array);
$update_generic_query = "UPDATE memberinfo SET $set_what_generic WHERE user_id = $_SESSION[user_id]";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_query($dbc, $update_generic_query);
mysqli_close($dbc);
}
//===============WRONG ANSWER HANDLING=====================
}
//================GET QUESTION COUNT & SCORE QUIZ===========
//============ADJUST OVERALL TOTALS AND SUCCESS RATES===================
$update_score_query = "UPDATE memberinfo SET score = total_answers * overall_success_rate WHERE user_id = $_SESSION[user_id]";
$increase_totals_query = "UPDATE memberinfo SET total_quizzes_taken = total_quizzes_taken + 1, total_answers = total_answers + $question_count, total_correct = total_correct + $score WHERE user_id = $_SESSION[user_id]";
$adjust_success_query = "UPDATE memberinfo SET overall_success_rate = (total_correct/total_answers) * 100, phys_con_success = (phys_con_correct/phys_con_answers) * 100, abbr_success = (abbr_correct/abbr_answers) * 100, anatomy_success = (anatomy_correct/anatomy_answers) * 100, society_success = (society_correct/society_answers) * 100, career_success = (career_correct/career_answers) * 100, ment_heal_success = (ment_heal_correct/ment_heal_answers) * 100, tools_success = (tools_correct/tools_answers) * 100, other_success = (other_correct/other_answers) * 100, english_1_success = (english_1_correct/english_1_answers) * 100, english_2ot_success = (english_2ot_correct/english_2ot_answers) * 100, english_2pt_success = (english_2pt_correct/english_2pt_answers) * 100, english_2sw_success = (english_2sw_correct/english_2sw_answers) * 100 WHERE user_id = $_SESSION[user_id]";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
mysqli_query($dbc, $increase_totals_query);
mysqli_query($dbc, $adjust_success_query);
mysqli_query($dbc, $update_score_query);
//===============UPDATE THE RANKING CHARTS====================
//==========FIRS FLUSH ALL RANKINGS TO 0===================
$flush_rankings = "UPDATE memberinfo SET rank = 0";
mysqli_query($dbc, $flush_rankings);
//==========FIRS FLUSH ALL RANKINGS TO 0===================
//==========NEXT GET ELIGIBLE MEMBERS====================
$get_eligible_scores = "SELECT user_id FROM memberinfo WHERE total_quizzes_taken > 0 AND overall_success_rate >= 40 ORDER BY score DESC, overall_success_rate DESC, total_correct DESC";
$eligible_data = mysqli_query($dbc, $get_eligible_scores);
//==========NEXT GET ELIGIBLE MEMBERS====================
//==========LOOP THROUGH AND UPDATE THE DATABASE=================
$rank_number = 1;
while ($member_data = mysqli_fetch_array($eligible_data)) {
$rank_update_query = "UPDATE memberinfo SET rank = $rank_number WHERE user_id = $member_data[user_id]";
mysqli_query($dbc, $rank_update_query);
$rank_number++;
}
//==========LOOP THROUGH AND UPDATE THE DATABASE=================
//===============UPDATE THE RANKING CHARTS====================
mysqli_close($dbc);
//============ADJUST OVERALL TOTALS AND SUCCESS RATES===================
//=================DISPLAY SCORE & APPROPRIATE MESSAGE=========
echo '<div class="quiz_results">';
echo '<div class="container">';
if ($score == 10) {
echo '<h2 class="center">Perfect Score!!!</h2>';
} else if ($score > 7 && $score < 10) {
echo '<h2 class="center">Well Done!</h2>';
} else if ($score > 5 && $score < 8) {
echo '<h2 class="center">Good!</h2>';
} else if ($score > 3 && $score < 6) {
echo '<h2 class="center">Try a little harder!</h2>';
} else if ($score > 1 && $score < 4) {
echo '<h2 class="center">Oooh. Not good.</h2>';
} else if ($score <= 1) {
echo '<h2 class="center">Seriously? That bad?</h2>';
} else {
echo '<h2 class="center">How\'d you even get this score??</h2>';
}
echo '<h1 class="center">You scored ' . $score . '/' . $question_count . '</h1>';
//=================DISPLAY SCORE & APPROPRIATE MESSAGE=========
//================COMPARE AND DISPLAY ANSWERS=================
?>
<div id="quiz_table_headings" class="row">
<h2 class="col-xs-6">Correct Answer</h2>
<h2 class="col-xs-6">Your Answer</h2>
</div>
<?php
for ($i = 0; $i < $question_count; $i++) {
echo '<div id="quiz_table_question" class="row">';
echo '<p id="quiz_table_question_inner" class="col-xs-12">Question ' . ($i + 1) . ': ' . $_SESSION['question_prompts'][$i] . '</p>';
echo '</div>';
echo '<div id="quiz_table_data" class="row">';
echo '<p id="quiz_table_answer" class="col-xs-6">' . $_SESSION['correct_answers'][$i] . '</p>';
if ($_POST[$i] == $_SESSION['correct_answers'][$i]) {
echo '<p id="quiz_table_correct" class="col-xs-6">' . $_POST[$i] . '</p>';
} else {
echo '<p id="quiz_table_wrong" class="col-xs-6">' . $_POST[$i] . '</p>';
}
echo '</div>';
echo '<hr>';
}
echo '</div>';
//================COMPARE AND DISPLAY ANSWERS=================
//===========CREATE END OF QUIZ LINKS=====================
$replay_url = 'startquiz.php?';
$args_array = [];
for ($i = 0; $i < count($current_quiz); $i++) {
$arg = 'quiz' . $i . '=' . $current_quiz[$i];
array_push($args_array, $arg);
}
$link_args = "";
$link_args = implode('&', $args_array);
$replay_url .= $link_args;
//=============DISPLAY THE BUTTONS=====================
echo '<div class="container">';
echo '<div id="quiz_finish_buttons_row" class="row">';
echo '<div id="quiz_finish_buttons_col" class="col-xs-6">';
echo '<a class="centered-button" href="' . $replay_url . '">Take This Quiz Again</a>';
echo '</div>';
echo '<div id="quiz_finish_buttons_col" class="col-xs-6">';
echo '<a class="centered-button" href="quizselect.php">Back to Quiz Select</a><br />';
echo '</div>';
echo '</div></div>';
echo '</div>';
//=============DISPLAY THE BUTTONS=====================
//===========CREATE END OF QUIZ LINKS=====================
require_once('bootstrapfooter.php');
?>
私は、各ページのコード全体を掲示をお詫び申し上げますが、私はプロのプログラマーではないと私が関連しているかわからないんだけど、何ではありません。
require_once( 'startsession.php');セッションを初期化するためのすべてのコードが含まれていますか?この行をあなたのscripの一番上に移動してください。すなわち、直前:require_once( 'appvars.php'); – Shan
あなたは[SQL Injections](http://php.net/manual/en/security.database.sql-injection.php)を広く利用していますので、[Prepared Statements](http://php.net/ manual/en/mysqli.quickstart.prepared-statements.php)を使用してください。あなたがユーザーの入力をまったくエスケープしていないからです! _Never_ユーザー入力を信頼しない。列名を動的に入力する場合は、入力を検証する許可された列名のホワイトリストが必要です。 –
[require_once](http://php.net/manual/en/function.require-once.php)は[require](http://php.net/manual/en/function.require.php)のように生成します致命的なエラーとそれ以上の実行を止める* "requireはincludeと同じですが、それ以外の場合は致命的なE_COMPILE_ERRORレベルのエラーが発生します**つまり、**スクリプトは停止しますが、includeは警告(E_WARNING)スクリプトを続行できます。 "エラー報告を使用している間に「インクルード」して何が起こるかを確認してください。http://php.net/manual/en/function.error-reporting.php –