commit a7a11144b7e5490685801642b1e8c1cbd9e0adb0
parent 5e29c2f36102472e04e86ac913c83ea7478f8699
Author: jkubach <johnkubach@gmail.com>
Date: Sun, 16 Dec 2018 17:15:18 -0500
add questions page update
dissallow direct access to questions.php
Diffstat:
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/website/questions.php b/website/questions.php
@@ -1,12 +1,17 @@
+<p> Enter the questions for your survey </p>
<?php
session_start();
-$questions = $_SESSION['questions'];
- echo "<form method = 'POST' action = 'res/submit-questions.php'>";
- for($counter = 0; $counter < $questions; $counter++)
- {
- echo "<input type = 'text' name = 'questions[]' class = 'questions'/><br/>";
- }
- echo "<input type = 'submit' value = 'SEND'/>";
- echo "</form>";
+if (isset($_SESSION['questions'])) {
+ $questions = $_SESSION['questions'];
+ echo "<form method = 'POST' action = 'res/submit-questions.php'>";
+ for($counter = 0; $counter < $questions; $counter++) {
+ echo "<input type = 'text' name = 'questions[]' class = 'questions'/><br/>";
+ }
+ echo "<input type = 'submit' value = 'SEND'/>";
+ echo "</form>";
+} else {
+ header("Location: res/nope.php");
+ exit();
+}
?>
diff --git a/website/res/submit-questions.php b/website/res/submit-questions.php
@@ -18,7 +18,8 @@ include_once '../config.php';
VALUES ('$survey_id', $counter + 1, '$q');";
mysqli_query($connect, $sql) or die(mysqli_error($connect));
- }
+ }
+ unset($_SESSION["questions"]);
header("Location: ../success.php");
exit();
?>
