Comparing value submitted by user to database, redirecting based on results

I am trying to build a webpage, that allows users to enter a code (numbers and letters only). Based on if the code is a “winner”, it will redirect them to a “winner” page on my website. Otherwise, it will redirect them to a “losing” page. I’m new to this, but I’m trying to learn!

HTML:

<h1>Break Open Your Code</h1>
<form target="_blank" action="phpfile.php" method="POST">
    <input type="hidden" name="code" value="1" />
    <label>Enter Your Code Here</label> 
    <input type="text" name="answer" /> 
    <input onclick="window.location.href = 'results-page.html';" type="submit" value="Check your Code" />
</form>

JavaScript
​x
 
<h1>Break Open Your Code</h1><form target="_blank" action="phpfile.php" method="POST">    <input type="hidden" name="code" value="1" />    <label>Enter Your Code Here</label>     <input type="text" name="answer" />     <input onclick="window.location.href = 'results-page.html';" type="submit" value="Check your Code" /></form>​

PHP:

<?php
// Connect to your MySQL database
$dbhst = "localhost";
$dbnme = "mydatabase"; 
$bdusr = "myusername";
$dbpws = "mypassword";

// Using PDO to connect

$conn = new PDO('mysql:host='.$dbhst.';dbname='.$dbnme, $bdusr, $dbpws);

// Getting variables
$answer = $_POST['answer'];
$questionID = $_POST['questionID'];

// Comparing answers

try {

    $stmt = $conn->prepare('SELECT * FROM table_with_answers WHERE question='" . $questionID . "' and answer='". $answer . "' LIMIT 0,1');
    $stmt->execute();

    $result = $stmt->fetchAll();

    if ( count($result) ) {
        foreach($result as $row) { 
            echo 'Congrats, you've entered a correct code';
            // Do Something Else
        }
    } else {
        echo 'Your code did not win. Please try again.';
        exit;
    }
} catch(PDOException $e) {
    echo 'ERROR: ' . $e->getMessage();
}
?>

JavaScript
 
<?php// Connect to your MySQL database$dbhst = "localhost";$dbnme = "mydatabase"; $bdusr = "myusername";$dbpws = "mypassword";​// Using PDO to connect​$conn = new PDO('mysql:host='.$dbhst.';dbname='.$dbnme, $bdusr, $dbpws);​// Getting variables$answer = $_POST['answer'];$questionID = $_POST['questionID'];​// Comparing answers​try {​    $stmt = $conn->prepare('SELECT * FROM table_with_answers WHERE question='" . $questionID . "' and answer='". $answer . "' LIMIT 0,1');    $stmt->execute();​    $result = $stmt->fetchAll();​    if ( count($result) ) {        foreach($result as $row) {             echo 'Congrats, you've entered a correct code';            // Do Something Else        }    } else {        echo 'Your code did not win. Please try again.';        exit;    }} catch(PDOException $e) {    echo 'ERROR: ' . $e->getMessage();}?>​

Answer

Remove onclick="window.location.href = 'results-page.html';"

and modify <input type="hidden" name="code" value="1" />

to <input type="hidden" name="questionID" value="1" />

HTML :

<h1>Break Open Your Code</h1>
<form target="_blank" action="phpfile.php" method="POST">
    <input type="hidden" name="questionID" value="1" />
    <label>Enter Your Code Here</label> 
    <input type="text" name="answer" /> 
    <input type="submit" value="Check your Code" />
</form>

JavaScript
 
<h1>Break Open Your Code</h1><form target="_blank" action="phpfile.php" method="POST">    <input type="hidden" name="questionID" value="1" />    <label>Enter Your Code Here</label>     <input type="text" name="answer" />     <input type="submit" value="Check your Code" /></form>​

save html file to form.html

now modify phpfile.php

add header("Location: winner.html"); if code is correct

add header("Location: losing.html"); if code is incorrect

PHP :

<?php
// Connect to your MySQL database
$dbhst = "localhost";
$dbnme = "mydatabase"; 
$bdusr = "myusername";
$dbpws = "mypassword";

// Using PDO to connect

$conn = new PDO('mysql:host='.$dbhst.';dbname='.$dbnme, $bdusr, $dbpws);

// Getting variables
$answer = $_POST['answer'];
$questionID = $_POST['questionID'];

// Comparing answers

try {

    $stmt = $conn->prepare("SELECT * FROM table_with_answers WHERE question='" . $questionID . "' and answer='". $answer . "' LIMIT 0,1");
    $stmt->execute();

    $result = $stmt->fetchAll();

    if ( count($result) ) {
        foreach($result as $row) { 
            // echo 'Congrats, you've entered a correct code';
            header("Location: winner.html");
        }
    } else {
        // echo 'Your code did not win. Please try again.';
        header("Location: losing.html");
        exit;
    }
} catch(PDOException $e) {
    echo 'ERROR: ' . $e->getMessage();
}
?>

JavaScript
 
<?php// Connect to your MySQL database$dbhst = "localhost";$dbnme = "mydatabase"; $bdusr = "myusername";$dbpws = "mypassword";​// Using PDO to connect​$conn = new PDO('mysql:host='.$dbhst.';dbname='.$dbnme, $bdusr, $dbpws);​// Getting variables$answer = $_POST['answer'];$questionID = $_POST['questionID'];​// Comparing answers​try {​    $stmt = $conn->prepare("SELECT * FROM table_with_answers WHERE question='" . $questionID . "' and answer='". $answer . "' LIMIT 0,1");    $stmt->execute();​    $result = $stmt->fetchAll();​    if ( count($result) ) {        foreach($result as $row) {             // echo 'Congrats, you've entered a correct code';            header("Location: winner.html");        }    } else {        // echo 'Your code did not win. Please try again.';        header("Location: losing.html");        exit;    }} catch(PDOException $e) {    echo 'ERROR: ' . $e->getMessage();}?>​

create html winner.html and losing.html

winner.html : Congrats, you've entered a correct code

losing.html : Your code did not win. Please try again.

Advertisement

Answer