I'm working on a quiz script. I found one on the internet and everything works like a charm, but I need to modify it for security reasons. Currently I use $_GET, but I'm afraid of SQL injections.

I'll leave my whole script here, and if someone can help me with suggestions, that will be great. I tried so many things to make the script non-vulnerable, but even .htaccess didn't help me!

1.php quiz page with form

<?php
    //Set question number
    $number = (int) $_GET['n'];

    //Get total number of questions
    $query = "select * from questions";
    $results = $mysqli->query($query) or die($mysqli->error.__LINE__);
    $total=$results->num_rows;

    // Get Question
    $query = "select * from `questions` where question_number = $number";

    //Get result
    $result = $mysqli->query($query) or die($mysqli->error.__LINE__);
    $question = $result->fetch_assoc();


    // Get Choices
    $query = "select * from `choices` where question_number = $number";

    //Get results
    $choices = $mysqli->query($query) or die($mysqli->error.__LINE__);

 ?>

<?php echo $question['question'] ?>

<form method="post" action="../p/process.php" class="table-responsive">
<?php while($row=$choices->fetch_assoc()): ?>

<button type="submit" class="btn btn-info btn-block" name="choice" value="<?php echo $row['id'] ?>"><?php echo $row['choice']; ?></button>

<?php endwhile; ?>
<input type="hidden" name="number" value="<?php echo $number; ?>" />
</form>

process.php page

    //Check to see if score is set
    if (!isset($_SESSION['score'])){
       $_SESSION['score'] = 0;
    }

//Check if form was submitted
if($_POST){
    $number = $_POST['number'];
    $selected_choice = $_POST['choice'];
    $next=$number+1;
    $total=10;

    //Get total number of questions
    $query="SELECT * FROM `questions` LIMIT 10";
    $results = $mysqli->query($query) or die($mysqli->error.__LINE__);
    $total=$results->num_rows;

    //Get correct choice
    $q = "select * from `choices` where question_number = $number and is_correct=1";
    $result = $mysqli->query($q) or die($mysqli->error.__LINE__);
    $row = $result->fetch_assoc();
    $correct_choice=$row['id'];



    //compare answer with result
    if($correct_choice == $selected_choice){
        $_SESSION['score']++;
    }

    if($number == $total){
        header("Location: ../final.php");
        exit();
    } else {
            header("Location: ../f/1.php?n=".$next."&score=".$_SESSION['score']);
    }
}

Like I said, everything works fine, I've been using that script for 2 months already, but I'm afraid. The current URL looks like: f/1.php?n=1&score=1. It will be nice if someone can help me. Thank you

  • is not what I am looking for. Thank you anyway, man! – David Claudiu Apr 03 '19 at 02:26
  • Respectfully, what are you looking for? It's not very clear. – Russ J Apr 03 '19 at 02:27
  • Some examples of how I can edit my current script, because I'm a beginner in PHP, and only that way can I learn something. Thank you! – David Claudiu Apr 03 '19 at 02:31
  • What do you mean by "edit your script"? Are you experiencing any specific issues? You will find your results on this site will increase a LOT if you ask specific questions. I'd advise you to review the question guide. https://stackoverflow.com/help/how-to-ask – Russ J Apr 03 '19 at 02:59
  • Two things: 1) the link @RussJ gave you is absolutely the biggest thing you need to fix in your script. You have a glaring security hole by not using prepared statements. 2) $_GET is not a problem at all when used for its intended purpose. Research HTTP verbs: GET is used to retrieve data; POST (including PUT and DELETE) changes data. But either way, it’s user supplied and not to be trusted. – Tim Morton Apr 03 '19 at 23:00
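
An added example, not part of the original question or its comments: one way to apply the prepared-statement advice from the last comment to process.php. It assumes `$mysqli` is the open mysqli connection the question's script already uses (its setup is not shown on the page); `positive_int()` and `correct_choice_id()` are hypothetical helper names.

```php
<?php
// Added example: hardened process.php. Assumption: $mysqli is the open mysqli
// connection created elsewhere, as in the question's script.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw instead of die($mysqli->error)
session_start();

// Accept only a positive integer; "1 OR 1=1", arrays, "" and null all become null.
function positive_int($raw): ?int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $value === false ? null : $value;
}

// Fetch the id of the correct choice with a bound parameter, never string concatenation.
function correct_choice_id(mysqli $mysqli, int $number): ?int
{
    $stmt = $mysqli->prepare('SELECT id FROM choices WHERE question_number = ? AND is_correct = 1');
    $stmt->bind_param('i', $number);
    $stmt->execute();
    $stmt->bind_result($id);
    $found = $stmt->fetch();
    $stmt->close();
    return $found ? (int) $id : null;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $number = positive_int($_POST['number'] ?? null);
    $choice = positive_int($_POST['choice'] ?? null);
    if ($number === null || $choice === null) {
        http_response_code(400);
        exit('Invalid input');
    }
    $_SESSION['score'] = $_SESSION['score'] ?? 0;

    // No user input in this query; the cap of 10 mirrors the original LIMIT 10.
    $total = min(10, (int) $mysqli->query('SELECT COUNT(*) FROM questions')->fetch_row()[0]);

    if (correct_choice_id($mysqli, $number) === $choice) {
        $_SESSION['score']++;
    }

    // Only integers are placed in the redirect URL.
    if ($number >= $total) {
        header('Location: ../final.php');
    } else {
        header('Location: ../f/1.php?n=' . ($number + 1) . '&score=' . (int) $_SESSION['score']);
    }
    exit();
}
```

In the question's code, the `(int)` cast in 1.php already keeps `$_GET['n']` from altering its queries; the unvalidated `$_POST['number']` in process.php is the value that reaches SQL as raw text.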

0 Answers