<?php if (session_status() == PHP_SESSION_NONE) { session_start(); } include("config.php"); // Include your database connection file // Check if the form is submitted if (isset($_POST['medium_level_submit'])) { // Retrieve form data $level = mysqli_real_escape_string($conn, $_POST['medium_level']); $competency = mysqli_real_escape_string($conn, $_POST['competency']); $question_eng = stripslashes(mysqli_real_escape_string($conn, $_POST['question_eng'])); $question_ur = stripslashes(mysqli_real_escape_string($conn, $_POST['question_ur'])); // First Answer $firstanswer_en = stripslashes(mysqli_real_escape_string($conn, $_POST['firstanswer_en'])); $firstanswer_ur = stripslashes(mysqli_real_escape_string($conn, $_POST['firstanswer_ur'])); $firstanswer_rating = $_POST['firstanswer_rating']; // No need for mysqli_real_escape_string for INT // Second Answer $secondanswer_en = stripslashes(mysqli_real_escape_string($conn, $_POST['secondanswer_en'])); $secondanswer_ur = stripslashes(mysqli_real_escape_string($conn, $_POST['secondanswer_ur'])); $secondanswer_rating = $_POST['secondanswer_rating']; // No need for mysqli_real_escape_string for INT // Third Answer $thirdanswer_en = stripslashes(mysqli_real_escape_string($conn, $_POST['thirdanswer_en'])); $thirdanswer_ur = stripslashes(mysqli_real_escape_string($conn, $_POST['thirdanswer_ur'])); $thirdanswer_rating = $_POST['thirdanswer_rating']; // No need for mysqli_real_escape_string for INT // Prepare the SQL statement using prepared statements $sql = "INSERT INTO `questions_medium` (`question_level`, `competency`, `question_eng`, `question_ur`, `answer_1_eng`, `answer_1_ur`, `rating_1`, `answer_2_eng`, `answer_2_ur`, `rating_2`, `answer_3_eng`, `answer_3_ur`, `rating_3`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; // Prepare the statement $stmt = mysqli_prepare($conn, $sql); // Check for errors in preparing the statement if (!$stmt) { die('Error in preparing statement: ' . mysqli_error($conn)); } // Bind parameters to the statement mysqli_stmt_bind_param( $stmt, "sssssssssssss", $level, $competency, $question_eng, $question_ur, $firstanswer_en, $firstanswer_ur, $firstanswer_rating, $secondanswer_en, $secondanswer_ur, $secondanswer_rating, $thirdanswer_en, $thirdanswer_ur, $thirdanswer_rating ); // Execute the statement $result = mysqli_stmt_execute($stmt); // Check if the query was successful if ($result) { header("Location:show_medium_questions.php"); } else { echo "Error: " . mysqli_error($conn); } // Close the statement mysqli_stmt_close($stmt); // Close the database connection mysqli_close($conn); }