File "update_question.php"

Full Path: /home/ccipcixf/public_html/hirepro/admin/update_question.php
File size: 2.84 KB
MIME-type: text/x-php
Charset: utf-8

<?php
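// Form handler: updates one row of `questions_junior` from the POSTed
// "update question" form, then redirects back to the question list.

// Start a session only when none is active yet.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// `require` instead of `include`: if config.php is missing the script must stop
// rather than continue without whatever it sets up.
// $conn is not defined in this file, so it presumably comes from config.php.
require "config.php";

// NOTE(review): nothing in this file verifies that the caller is a logged-in
// administrator, and the form carries no anti-CSRF token check. Confirm that
// config.php (or whatever includes this script) enforces both before this
// state-changing request is accepted.

// Only act when the update form was actually submitted.
if (isset($_POST['update_question_submit'])) {

    // Read a POST field as a plain string. Missing keys and array-valued
    // parameters (e.g. "field[]=x") collapse to '' instead of raising
    // warnings or reaching the database layer as a non-string.
    $post_string = static function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    // The values are bound as parameters of a prepared statement below, so
    // they must NOT be passed through mysqli_real_escape_string(): bound
    // parameters are never parsed as SQL, and escaping them first stores the
    // escape backslashes in the row. The former stripslashes() round-trip on
    // the text fields was also lossy (a newline was escaped to backslash-n and
    // then reduced to the letter "n").
    $question_id  = $post_string('question_id');
    $level        = $post_string('junior_level');
    $competency   = $post_string('competency');
    $question_eng = $post_string('question_eng');
    $question_ur  = $post_string('question_ur');

    // First answer
    $firstanswer_en     = $post_string('answer_1_eng');
    $firstanswer_ur     = $post_string('answer_1_ur');
    $firstanswer_rating = $post_string('rating_1');

    // Second answer
    $secondanswer_en     = $post_string('answer_2_eng');
    $secondanswer_ur     = $post_string('answer_2_ur');
    $secondanswer_rating = $post_string('rating_2');

    // Third answer
    $thirdanswer_en     = $post_string('answer_3_eng');
    $thirdanswer_ur     = $post_string('answer_3_ur');
    $thirdanswer_rating = $post_string('rating_3');

    if ($question_id === '') {
        // Without a row identifier the UPDATE cannot target anything.
        mysqli_close($conn);
        http_response_code(400);
        echo "Error: question_id is required.";
    } else {
        // Parameterised UPDATE: every user-supplied value is a placeholder.
        $sql = "UPDATE `questions_junior` SET
            `question_level` = ?,
            `competency` = ?,
            `question_eng` = ?,
            `question_ur` = ?,
            `answer_1_eng` = ?,
            `answer_1_ur` = ?,
            `rating_1` = ?,
            `answer_2_eng` = ?,
            `answer_2_ur` = ?,
            `rating_2` = ?,
            `answer_3_eng` = ?,
            `answer_3_ur` = ?,
            `rating_3` = ?
            WHERE `question_id` = ?";

        $updated = false;
        $stmt = mysqli_prepare($conn, $sql);

        if ($stmt) {
            // 14 placeholders, all bound as strings, in the order they
            // appear in the statement (question_id last, for the WHERE).
            mysqli_stmt_bind_param(
                $stmt,
                "ssssssssssssss",
                $level,
                $competency,
                $question_eng,
                $question_ur,
                $firstanswer_en,
                $firstanswer_ur,
                $firstanswer_rating,
                $secondanswer_en,
                $secondanswer_ur,
                $secondanswer_rating,
                $thirdanswer_en,
                $thirdanswer_ur,
                $thirdanswer_rating,
                $question_id
            );

            $updated = mysqli_stmt_execute($stmt);

            if (!$updated) {
                // Keep driver error text in the server log; it can reveal
                // schema details and should not be echoed to the browser.
                error_log("update_question.php: execute failed: " . mysqli_stmt_error($stmt));
            }

            mysqli_stmt_close($stmt);
        } else {
            error_log("update_question.php: prepare failed: " . mysqli_error($conn));
        }

        // Release the connection before sending the response.
        mysqli_close($conn);

        if ($updated) {
            header("Location: show_junior_questions.php");
            // Stop here so nothing else runs or is emitted after the redirect.
            exit;
        }

        http_response_code(500);
        echo "Error: the question could not be updated.";
    }
}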
?>