<?php if (session_status() == PHP_SESSION_NONE) { session_start(); } include("config.php"); // Include your database connection file // Check if the form is submitted if (isset($_POST['wes_level_submit'])) { // Retrieve form data $level = mysqli_real_escape_string($conn, $_POST['wes_level']); $competency = mysqli_real_escape_string($conn, $_POST['competency']); $question_eng = mysqli_real_escape_string($conn, $_POST['question_eng']); $question_ur = mysqli_real_escape_string($conn, $_POST['question_ur']); // First Answer $firstanswer_en = mysqli_real_escape_string($conn, $_POST['firstanswer_en']); $firstanswer_ur = mysqli_real_escape_string($conn, $_POST['firstanswer_ur']); $firstanswer_rating = $_POST['firstanswer_rating']; // No need for mysqli_real_escape_string for INT // Second Answer $secondanswer_en = mysqli_real_escape_string($conn, $_POST['secondanswer_en']); $secondanswer_ur = mysqli_real_escape_string($conn, $_POST['secondanswer_ur']); $secondanswer_rating = $_POST['secondanswer_rating']; // No need for mysqli_real_escape_string for INT // Third Answer $thirdanswer_en = mysqli_real_escape_string($conn, $_POST['thirdanswer_en']); $thirdanswer_ur = mysqli_real_escape_string($conn, $_POST['thirdanswer_ur']); $thirdanswer_rating = $_POST['thirdanswer_rating']; // No need for mysqli_real_escape_string for INT // Fourth Answer $fourthanswer_en = mysqli_real_escape_string($conn, $_POST['fourthanswer_en']); $fourthanswer_ur = mysqli_real_escape_string($conn, $_POST['fourthanswer_ur']); $fourthanswer_rating = $_POST['fourthanswer_rating']; // No need for mysqli_real_escape_string for INT // Fifth Answer $fifthanswer_en = mysqli_real_escape_string($conn, $_POST['fifthanswer_en']); $fifthanswer_ur = mysqli_real_escape_string($conn, $_POST['fifthanswer_ur']); $fifthanswer_rating = $_POST['fifthanswer_rating']; // No need for mysqli_real_escape_string for INT // Sixth Answer $sixthanswer_en = mysqli_real_escape_string($conn, $_POST['sixthanswer_en']); $sixthanswer_ur = mysqli_real_escape_string($conn, $_POST['sixthanswer_ur']); $sixthanswer_rating = $_POST['sixthanswer_rating']; // No need for mysqli_real_escape_string for INT // seventh Answer $seventhanswer_en = mysqli_real_escape_string($conn, $_POST['seventhanswer_en']); $seventhanswer_ur = mysqli_real_escape_string($conn, $_POST['seventhanswer_ur']); $seventhanswer_rating = $_POST['seventhanswer_rating']; // No need for mysqli_real_escape_string for INT // Prepare the SQL statement using prepared statements $sql = "INSERT INTO `questions_wes` (`question_level`, `competency`, `question_eng`, `question_ur`, `answer_1_eng`, `answer_1_ur`, `rating_1`, `answer_2_eng`, `answer_2_ur`, `rating_2`, `answer_3_eng`, `answer_3_ur`, `rating_3`, `answer_4_eng`, `answer_4_ur`, `rating_4`, `answer_5_eng`, `answer_5_ur`, `rating_5`, `answer_6_eng`, `answer_6_ur`, `rating_6`, `answer_7_eng`, `answer_7_ur`, `rating_7`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; // Prepare the statement $stmt = mysqli_prepare($conn, $sql); // Check for errors in preparing the statement if (!$stmt) { die('Error in preparing statement: ' . mysqli_error($conn)); } // Bind parameters to the statement mysqli_stmt_bind_param( $stmt, "sssssssssssssssssssssssss", // 25 placeholders $level, $competency, $question_eng, $question_ur, $firstanswer_en, $firstanswer_ur, $firstanswer_rating, $secondanswer_en, $secondanswer_ur, $secondanswer_rating, $thirdanswer_en, $thirdanswer_ur, $thirdanswer_rating, $fourthanswer_en, $fourthanswer_ur, $fourthanswer_rating, $fifthanswer_en, $fifthanswer_ur, $fifthanswer_rating, $sixthanswer_en, $sixthanswer_ur, $sixthanswer_rating, $seventhanswer_en, $seventhanswer_ur, $seventhanswer_rating ); // Execute the statement $result = mysqli_stmt_execute($stmt); // Check if the query was successful if ($result) { header("Location: show_wes.php"); } else { echo "Error: " . mysqli_error($conn); } // Close the statement mysqli_stmt_close($stmt); // Close the database connection mysqli_close($conn); }