I am currently in the process of creating a Quiz Builder, I am having a slight issue with some DB inserts. What I am trying to do within the code is insert a Quiz Title and Description to the Quiz table which will in turn create a Quiz ID. I want to insert this Quiz ID along with Class ID values from the checkbox. Any suggestions/advice would be greatly appreciated.
Note: I know I should be using prepare statements compared to what I am currently using. I am planning on fixing this issue once I get my main functionalities working.
<form method="post" action="#">
<p>
<label>Quiz Title: </label>
<input type="text" placeholder="Insert Quiz Title here" name="quizTitle" class="form-control" />
</p>
<p>
<label>Quiz Description: </label>
<input type="text" placeholder="Insert Quiz Description here" name="description" class="form-control" />
</p>
<?php
$showAllClasses = "SELECT * FROM class";
mysqli_query($mysqli, $showAllClasses) or die ('Error finding Classes');
$showClassesResult = mysqli_query($mysqli, $showAllClasses);
echo"<table border='1' cellpadding='10' align='center'>";
echo "<tr><th></th><th>Class ID</th><th>Class Name</th><th>Class
Description</th></tr>";
//while ($row = mysqli_fetch_assoc($result)){
while ($row = $showClassesResult->fetch_object()){
echo "<tr>";
echo "<td><input type='checkbox' id='" .$row->classID . "' name='check_box[]' value='" .$row->classID . "'></td>";
echo "<td>" .$row->classID . "</td>";
echo "<td>" .$row->className . "</td>";
echo "<td>" .$row->classDesc . "</td>";
//echo "<td><button type='button' name='add' id='add' data-toggle='modal' data-target='#questionType' class='btn btn-success'>Edit Students</button></td>";
echo "</tr>";
}
if (isset($_POST['submit'])) {
//Get POST variables
$quizTitle = '"' . $mysqli->real_escape_string($_POST['quizTitle']) . '"';
$description = '"' . $mysqli->real_escape_string($_POST['description']) . '"';
//echo $quizTitle;
//echo $description;
$getQuizIDQuery = "SELECT quizID FROM quiz ORDER BY quizID DESC LIMIT 1";
mysqli_query($mysqli, $getQuizIDQuery) or die ('Error getting Quiz ID');
$result = mysqli_query($mysqli, $getQuizIDQuery);
//$insertedQuizId = $mysqli->insert_id;
//Question query
$quizCreationQuery = "INSERT INTO quiz (quizTitle, description) VALUES($quizTitle, $description)";
foreach ($_POST['check_box'] as $classID) {
$ClassQuizQuery = "INSERT INTO quiz_class(classID, quizID) VALUES ('$classID', '$result')";
//$insert_ClassQuiz = $mysqli->query($ClassQuizQuery) or die($mysqli->error . __LINE__);
//Run Query
$insert_row = $mysqli->query($quizCreationQuery) or die($mysqli->error . __LINE__);
}
}
?>
</table>
<div align="center">
<input type="submit" name="submit" value="Submit"
class="btn btn-info"/>
</div>
</form>