
After calculating the grade of a quiz in a JS file, I'm trying to take that variable to update the grade of that particular student in a PHP file.

The script is executed in the user area where the user id is set.

Errors: the indicated user is not updated; probably the variable doesn't arrive or PHP is not set up properly.

To transport the grade variable from JS to the PHP file I used this code, which is executed at the end of the quiz:

quiz.js

var vote = userScore * 10;

window.open('/php/vote.php?vote='+vote);

private-area.php

<?php
    require 'php/config.php';

    $_SESSION["id_utente"];

    $sessionId = $_SESSION["id_utente"];
    
    $user = mysqli_fetch_assoc(mysqli_query($connessione, "SELECT * FROM utenti WHERE id_utente = $sessionId"));
?>

vote.php (first time I update)

<?php

require_once('config.php');

$var_voto = $_GET['vote'];


if($connessione->connect_error){
    echo "Registrazione avvenuta con successo";

    $query = $connessione->prepare("UPDATE utenti SET voto = $var_voto  WHERE id = $user ");
    $query->bind_param('voto', $id);
    $result = $query->execute();

}else{
    echo "Error";
}


?>

2 Answers


  1. Your mysql appears incorrect. You shouldn’t be using variables inside SQL queries, certainly not with prepared statements to avoid any SQL injection.

    Try

    $query = $connessione->prepare("UPDATE utenti SET voto = ? WHERE id = ?");
    $query->bind_param('ii', $var_voto, $user);
    $result = $query->execute();
    

    This is assuming that voto and id in your database are integer types. If they are strings/varchar replace ii with ss in bind_param.

    By way of an explanation, use ? to specify parameterised data inside your prepared query and bind them with the data using bind_param. The first argument is the data type, we're using i for integers in the above code, and two of them (i.e. ii) because we're binding two parameters ($var_voto and $user). See https://www.php.net/manual/en/mysqli-stmt.bind-param.php for more.
    The second, third, fourth, fifth etc. arguments are the variables containing the data we wish to insert (or bind) to the query.

  2. You can use bindParam like below

    $query = $connessione->prepare("UPDATE utenti SET voto = :var_voto WHERE id = :user ");

    $query->bindParam(':var_voto', $var_voto);

    $query->bindParam(':user', $user);

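An added example, not code from the question or from either answer: a vote.php that takes the user id from the session, validates the grade as an integer, and binds both values with mysqli placeholders. It assumes config.php creates $connessione and starts the session (as private-area.php implies), that the key column is id_utente as in the question's SELECT, and that valid grades are 0 to 100.

```php
<?php
// Added example. Assumptions: config.php provides $connessione (mysqli) and
// calls session_start(); key column is id_utente; grades range from 0 to 100.
require_once 'config.php';

// Stop on a connection error instead of running the update inside that branch.
if ($connessione->connect_error) {
    http_response_code(500);
    exit('Database connection failed');
}

// Take the user id from the server-side session, never from the request.
if (!isset($_SESSION['id_utente'])) {
    http_response_code(401);
    exit('Not logged in');
}
$userId = (int) $_SESSION['id_utente'];

// Accept the grade only if it is an integer inside the assumed range.
// filter_input() returns null when the parameter is missing, false when invalid.
$vote = filter_input(INPUT_GET, 'vote', FILTER_VALIDATE_INT, [
    'options' => ['min_range' => 0, 'max_range' => 100],
]);
if ($vote === null || $vote === false) {
    http_response_code(400);
    exit('Invalid vote');
}

// Placeholders keep both values out of the SQL text; 'ii' means two integers.
$stmt = $connessione->prepare('UPDATE utenti SET voto = ? WHERE id_utente = ?');
if ($stmt === false) {
    http_response_code(500);
    exit('Could not prepare statement');
}
$stmt->bind_param('ii', $vote, $userId);

if ($stmt->execute()) {
    // affected_rows is 0 when the row is missing or already holds this value.
    echo $stmt->affected_rows === 1 ? 'Vote saved' : 'Vote unchanged or user not found';
} else {
    http_response_code(500);
    echo 'Update failed';
}
$stmt->close();
```

Because quiz.js computes the grade in the browser, the server can only check its type and range; the value itself remains client-supplied.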