1

I am trying to implement an Online testing. I found two ways to check user selected answers.

way1

 <div class="qContainer" index="0"> 
    Who has socred 100 centuries in Internationa cricker?
    <ul>
      <li> <input type="radio" value"Sachin">Sachin</input>
      <li> <input type="radio" value"Don">Don Bradman</input>
      <li> <input type="radio" value"Steve">Steve waugh</input>
      <li> <input type="radio" value"Saeed">Saeed</input>
    </ul>
 </div>

In this method, I am storing answer in the question itsef[index=0]. But user can cheat this.

way2

send farm data to the server through ajax post method.

 $.ajax({
    url: "testResult.php",
    type:"POST",
    data: $("#formID").serialize()
 });

With this methond, Url gets changed with the selected answer. [i.e answers are posted through post method] And check result in the php page against db data and display the result to the user.

Please let me know is there any other ways to achieve this better than this two. And what are the drawbacks in these methods?

Gibbs
  • 21,904
  • 13
  • 74
  • 138

2 Answers2

1

One approach could look like that: Generate the according form on the server side and do not include the answer in the form but store the question <-> answer mapping inside the user session. When the form is sent back to the server, validate the user answers against the right answers stored in your session and send an according response to the user.

How you send the form back to the server (by ajax or just the html way) makes no difference.

tworabbits
  • 1,203
  • 12
  • 17
  • You mean, Same php file to retrive questions and validate them. – Gibbs May 16 '15 at 11:36
  • Whether it is the same php file or not does not matter. The important thing is that you do not include the answers to your questions anyhow in your source code since anybody who is able to view the questionnaire might be able to have a look at the source code as well. And if you store your mappings in the user session you could have two separate php files, one for generating the questionnaire and one for evaluating it. But it might make sense to use the same php file for generating and evaluating in order to be able to show some feedback to the user right inside your form. – tworabbits May 16 '15 at 11:40
  • Thanks. Let me try this. plus1 – Gibbs May 16 '15 at 11:41
1

This is very easy to understand.

way1
If you are retrieving and storing the answer with the questions itself then surely if the person using your site know how to use inspect element and view source and other things like this then he will cheat surely, you cannot do anything about that.

way2
Using the ajax is the only option you have if need security. After user clicks on the answer send ajax call and store that value in database and then check at the back end if the answer is right or wrong, then show it the user if his answer was right or wrong in ajax response. Drawback of this is that there will be more server side processing but you need more secure application then you have to bear that. You can also look into caching services available to reduce the hits on your database.

I hope this heps you.

Sourabh Kumar Sharma
  • 2,864
  • 3
  • 25
  • 33
  • Can you please provide some links or elaborate caching serfices – Gibbs May 16 '15 at 11:35
  • @GopsAB, it first depends on your hosting service provider which caching service he is providing you and you will need to code accordingly. But logic is like this if some data is there in cache then you will not query the database or else you will query. A helpful link for you: http://stackoverflow.com/questions/4779523/how-to-use-memcache-with-php – Sourabh Kumar Sharma May 16 '15 at 11:39