takequiz.php
<?php
session_start();

// Derive the viewer's authentication and admin flags from the session.
// A missing (or null) key counts as "not set". The loose == 1 comparison is
// kept on purpose so that values such as 1, "1" and true are all accepted,
// whichever form the login code stores (that code is not part of this file).
$loggedIn = ($_SESSION['logged_in'] ?? null) == 1;
$isAdmin = ($_SESSION['is_admin'] ?? null) == 1;
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Quizzer | Quiz</title>
<link rel="stylesheet" href="../quiz_styles.css">
<link rel="shortcut icon" href="../icons/google-quiz-icon.svg" type="image/x-icon">
</head>
<body>
<div class="page page-narrow">
<?php
// Render the "Take Quiz" header and the back link only for an authenticated
// session; $loggedIn is the session-derived flag set at the top of this file.
// This only hides markup: the access-control decision itself is enforced by
// the PHP block further down, which exits for unauthenticated requests.
if ($loggedIn): ?>
<div class="page-header">
<div>
<h1 class="page-title">Take Quiz</h1>
<p class="page-subtitle">Answer the questions below.</p>
</div>
<div class="actions">
<a class="btn btn-ghost" href="./viewquizzes.php">← Back to quizzes</a>
</div>
</div>
<?php endif; ?>
<div class="quiz-container">
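<?php
// Renders the quiz form for one quiz: checks authentication, validates the
// quiz_id query parameter, enforces owner/admin authorization, then prints the
// questions and their answer options as a POST form aimed at submit_quiz.php.
// $loggedIn and $isAdmin are the session-derived flags set at the top of this file.

// Authentication gate first, so an unauthenticated request is rejected before
// any database connection is opened or queried.
if (!$loggedIn) {
    echo "<div class='alert alert-error'>Access denied. Please log in.</div>";
    echo '<div class="actions"><a class="btn" href="../login.php">Log in -></a></div>';
    exit;
}

include('../dbconnection.php');
// empty() rather than !$dbconn: if the include fails, $dbconn is undefined and
// a plain negation would raise an "undefined variable" warning before dying.
if (empty($dbconn)) {
    die("Connection failed: Can't connect to database.");
}

// A quiz_id is required and must be a positive integer. FILTER_VALIDATE_INT
// rejects array input (?quiz_id[]=...) and strings with trailing junk, both of
// which intval() would silently coerce into a usable number.
$quiz_id = filter_var(
    $_GET['quiz_id'] ?? null,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);
if ($quiz_id === false) {
    echo "<div class='alert alert-warning'>No quiz selected.</div>";
    echo '<div class="actions"><a class="btn btn-secondary" href="../index.php">Back to dashboard -></a></div>';
    exit;
}

$user_id = $_SESSION['user_id'] ?? null;

// Escape quotes as well as <, > and &, independent of the PHP version's default flags.
$escFlags = ENT_QUOTES | ENT_SUBSTITUTE;

try {
    // Quiz info
    $stmt = $dbconn->prepare("SELECT quiz_name, owner_id FROM quizzes WHERE quiz_id = ?");
    $stmt->execute([$quiz_id]);
    $quiz = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$quiz) {
        echo "<div class='alert alert-error'>Quiz not found.</div>";
        echo '<div class="actions"><a class="btn btn-secondary" href="../index.php">Back to dashboard -></a></div>';
        exit;
    }

    // Authorization: only the quiz owner or an admin may continue.
    // Ownership requires both ids to be present. With the loose != comparison a
    // session without user_id (null) compared equal to a NULL owner_id, which
    // would have granted access. Both sides are cast to string because PDO may
    // return the column as either an int or a numeric string.
    $ownsQuiz = $user_id !== null
        && $quiz['owner_id'] !== null
        && (string) $quiz['owner_id'] === (string) $user_id;

    // $isAdmin is the isset-guarded flag; reading $_SESSION['is_admin'] directly
    // raises an undefined-key warning when the key is absent.
    if (!$ownsQuiz && !$isAdmin) {
        echo "<div class='alert alert-error'>Access denied. You do not own this quiz.</div>";
        echo '<div class="actions"><a class="btn btn-secondary" href="../index.php">Back to dashboard -></a></div>';
        exit;
    }

    echo "<h1 class='page-title'>" . htmlspecialchars($quiz['quiz_name'], $escFlags, 'UTF-8') . "</h1>";

    // Questions
    $stmt = $dbconn->prepare("SELECT question_id, question FROM questions WHERE quiz_id = ? LIMIT 5");
    $stmt->execute([$quiz_id]);
    $questions = $stmt->fetchAll(PDO::FETCH_ASSOC);

    if (empty($questions)) {
        echo "<div class='alert alert-warning'>No questions found for this quiz.</div>";
        echo '<div class="actions"><a class="btn btn-secondary" href="../index.php">Back to dashboard -></a></div>';
        exit;
    }

    // Form
    // NOTE(review): the form carries no anti-CSRF token. Adding one needs a
    // matching check in submit_quiz.php, which is not visible here.
    // NOTE(review): the hidden quiz_id and the radio values are client-controlled
    // on submission; submit_quiz.php must repeat the owner/admin check and verify
    // that every answer id belongs to a question of this quiz (confirm there).
    echo "<form method='POST' action='submit_quiz.php'>";
    echo "<input type='hidden' name='quiz_id' value='" . $quiz_id . "'>";

    // Prepare the per-question answer lookup once and re-execute it in the loop.
    $answerStmt = $dbconn->prepare("SELECT answer_id, answer FROM answers WHERE question_id = ? LIMIT 4");

    foreach ($questions as $index => $question) {
        // Ids go into single-quoted HTML attributes, so they are escaped like any
        // other database value instead of being trusted to be numeric.
        $questionIdAttr = htmlspecialchars((string) $question['question_id'], $escFlags, 'UTF-8');

        echo "<div class='card'>";
        echo "<h3>Question " . ($index + 1) . ": "
            . htmlspecialchars($question['question'], $escFlags, 'UTF-8') . "</h3>";

        // Answers
        $answerStmt->execute([$question['question_id']]);
        $answers = $answerStmt->fetchAll(PDO::FETCH_ASSOC);

        foreach ($answers as $answer) {
            $answerIdAttr = htmlspecialchars((string) $answer['answer_id'], $escFlags, 'UTF-8');

            echo "<div class='option'>";
            echo "<input type='radio' name='question_" . $questionIdAttr . "' value='" . $answerIdAttr . "' required>";
            echo "<label>" . htmlspecialchars($answer['answer'], $escFlags, 'UTF-8') . "</label>";
            echo "</div>";
        }

        echo "</div>";
    }

    echo "<button type='submit' class='btn btn-success'>Submit Quiz</button>";
    echo "</form>";
} catch (PDOException $e) {
    // Driver messages can expose table names, SQL fragments or connection
    // details: keep them in the server log and show the visitor a generic error.
    error_log('takequiz.php: ' . $e->getMessage());
    echo "<div class='alert alert-error'>Error: The quiz could not be loaded. Please try again later.</div>";
    echo '<div class="actions"><a class="btn btn-secondary" href="../index.php">Back to dashboard -></a></div>';
}

// Drop the reference to the connection handle.
$dbconn = null;
?>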
</div>
</div>
</body>
</html>