0

I am trying to insert single form value called multiple times using ajax call to mysql in php with submit all button . I have store all the forms data to localStorage. But when I am trying to insert all the values to mysql one form value is inserting and other form values is taking null value.

**loadquestions1.php**

<form method="post">
        <table>
            <tr>
                <td>
                    <?php echo "<h5>Question: ".$question_no ."</h5><h5> ".$question_title ."</h5>"; ?>
                </td>
                    
            </tr>
        </table>
        
     
    <div class="center">
    
      <textarea placeholder="Write your answer here..." class="outer persisted-text" name="pt<?php echo $question_no; ?>" id="persisted-text" onchange="changeBack();" rows="10" cols="100"></textarea>
        <span><input type="hidden" name="question_no<?php echo $question_no; ?>" value="<?php echo $question_no; ?>" /></span>
        <span><input type="hidden" name="question_title<?php echo $question_no; ?>" value="<?php echo $question_title; ?>" /></span>

    </div> 

     <button class="btn btn-success" name="save">Save</button>
    
    

<?php } ?>
</form>

function load_questions1(questionno)
{
    document.getElementById("current_que").innerHTML=questionno;
    
    
    var xmlhttp = new XMLHttpRequest();
    xmlhttp.onreadystatechange=function() {
        if(xmlhttp.readyState == 4 && xmlhttp.status == 200)
        {
            
            if(xmlhttp.responseText=="over")
            {
                window.location="result.php";
                alert("hello");
            }
            
            else
            {
                document.getElementById("load_questions1").innerHTML=xmlhttp.responseText;
                load_total_que();
            
    
    var supported = '',
    unsupported = 'Oh no! Your browser does not support localStorage.';
if (window.localStorage) {
    $('.persisted-text').keyup(function () {
        localStorage.setItem(this.name+questionno, this.value);
    }).val(function () {
        return localStorage.getItem(this.name+questionno) || supported
    })
} else {
    $('.persisted-text').val(unsupported);
}

    
            }
            
        }
    };
    
    xmlhttp.open("GET", "forajax/load_questions1.php?questionno="+ questionno, true);
    xmlhttp.send(null);
    
}
**config.php**

if (isset($_POST['save'])) {

        
        $size = sizeof($_POST);
        $number = $size/3;

        $query = "SELECT * FROM add_question where online_exam_title='$_SESSION[add_exam]'";
        $data = mysqli_query($conn, $query);
        $count=mysqli_num_rows($data);
        
        for($i=1;$i<$count;$i++) {
      
        $index1 = 'pt'.$i;
        $pt[$i] = $_POST[$index1];
        $index2 = 'question_no'.$i;
        $question_no[$i] = $_POST[$index2];
        $index3 = 'question_title'.$i;
        $question_title[$i] = $_POST[$index3];
  //$question_no = $_POST['question_no'];
    
    $sql="INSERT INTO subjective_answer (placeholder, exam_type, username, question_no, question_title) VALUES ('$pt[$i]', '$_SESSION[add_exam]', '$_SESSION[username]', '$question_no[$i]', '$question_title[$i]')";


    

    $result=mysqli_query($conn,$sql);
  
}


  if($result)
  {
   echo "record inserted";
  }
        
}
Abhishek Kamal
  • 670
  • 6
  • 18
Moin Syed
  • 120
  • 7
  • Try to see the content of $_POST on form processing page. – Abhishek Kamal Aug 10 '20 at 04:07
  • That is what I am asking. what to do there? – Moin Syed Aug 10 '20 at 08:04
  • Are you getting all form key and value pair in $_POST ? – Abhishek Kamal Aug 10 '20 at 08:22
  • No. It is showing undefined index – Moin Syed Aug 10 '20 at 08:24
  • Remove the **null** from `xmlhttp.send(null)`; – Abhishek Kamal Aug 10 '20 at 08:40
  • Still facing the same issue – Moin Syed Aug 10 '20 at 09:10
  • You have any other idea to resolve this? – Moin Syed Aug 10 '20 at 09:16
  • How are you fetching the form values when submit button clicks, Update your question with this code too and what is the content of `questionno`. Please update mentioned info in your ques description. – Abhishek Kamal Aug 10 '20 at 10:04
  • **Warning:** You are wide open to [SQL Injections](https://stackoverflow.com/a/60496/1839439) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman Aug 10 '20 at 10:34

0 Answers0