How do I stop them from inserting the answers/post? (And how do I add an error message?)

Time: 2016-01-25 03:29:28

Tags: mysql radiobuttonlist

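I am using this code in my questionnaire. How can I stop them from inserting the answers/post if they have not yet clicked all the radio buttons for the questions given in the system? And how can I add an error message beside the question?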

Questionnaire Picture1

Questionnaire Picture2

if(isset($_POST['question']))
{
    $AddQuery = "INSERT INTO tblevaluate (evaluateid,professorid,professorname,studentid,course,section,subjectid,subjectname) VALUES ('','$server_professorid','$server_name',' $username','$course','$section','$server_subjectid','$server_subject')";
    mysql_query($AddQuery, $connect);
    $id = mysql_insert_id();

    foreach($_POST['question'] as $questionId => $answer)
    {
        $AddQuery = "INSERT INTO tblanswer (answervalue,evaluateid,professorid,professorname,studentid,course,section,subjectid,subjectname) VALUES ($answer,$id,$server_professorid,'$server_name',$username,'$course','$section',$server_subjectid,'$server_subject')";
        mysql_query($AddQuery, $connect);
        header('Location: evaluate.php');
    }
}

while($row = mysql_fetch_array($result))
{

    echo "<br>";
    echo "<strong>" . $row["questionno"] . ".</strong> " . $row["question"] . "";
    echo "<br>";
    echo "<input type = radio name = 'question[". $row ["questionid"] . "]'  value = '5'/><label>5</label>";
    echo "<input type = radio name = 'question[". $row ["questionid"] . "]'  value = '4'/><label>4</label>";
    echo "<input type = radio name = 'question[". $row ["questionid"] . "]'  value = '3'/><label>3</label>";
    echo "<input type = radio name = 'question[". $row ["questionid"] . "]'  value = '2'/><label>2</label>";
    echo "<input type = radio name = 'question[". $row ["questionid"] . "]' value = '1'/><label>1</label>";
    echo "<br>";
    echo "<hr size = 5 color = black noshade >";
}

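1 answer:

Answer 0 (score: 1)

Answer from user2864740

Make the radio groups required is the simplest way to prevent the form from being submitted. To be "really safe" you would also need to make sure that all the values are set to allowed values on the server, but meh - there is not even any point discussing that when there is a Blatant SQL Injection vulnerability. Also, your tables are hardly normalized. - user2864740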
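
The server-side check and the injection fix that the answer points at, as an added example that is not part of the original question or answer: every question must carry one of the allowed values 1 to 5 before anything is inserted, and the insert uses bound parameters instead of string interpolation. `validateAnswers`, the PDO connection to in-memory SQLite, the two-column `tblanswer` and the sample data are assumptions made so the script runs on its own.

```php
<?php
// Added example: validateAnswers() is a hypothetical helper, and in-memory SQLite
// with a reduced tblanswer stands in for the page's MySQL schema.

/** Returns [clean answers, error messages], both keyed by question id. */
function validateAnswers(array $questionIds, $posted): array
{
    $clean = $errors = [];
    $posted = is_array($posted) ? $posted : [];
    foreach ($questionIds as $qid) {
        $raw = $posted[$qid] ?? null;
        // Accept only the five values the form offers, compared as exact strings.
        if (is_string($raw) && in_array($raw, ['1', '2', '3', '4', '5'], true)) {
            $clean[$qid] = (int) $raw;
        } else {
            $errors[$qid] = 'Please choose a rating for this question.';
        }
    }
    return [$clean, $errors];
}

// Constructed sample: question 2 is unanswered and question 3 is outside 1..5.
$questionIds = [1, 2, 3];            // would come from the query that renders the form
$posted = ['1' => '5', '3' => '9'];  // stands in for $_POST['question'] ?? []
[$clean, $errors] = validateAnswers($questionIds, $posted);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tblanswer (answervalue INTEGER, evaluateid INTEGER)');

if ($errors === []) {
    // Bound parameters keep the values out of the SQL text; the transaction
    // makes the set of answers all-or-nothing.
    $stmt = $db->prepare('INSERT INTO tblanswer (answervalue, evaluateid) VALUES (?, ?)');
    $db->beginTransaction();
    foreach ($clean as $value) {
        $stmt->execute([$value, 1]);  // 1 is a constructed evaluateid
    }
    $db->commit();
    echo "Saved " . count($clean) . " answers\n";
} else {
    // Nothing was inserted; print each message where the form would show it,
    // beside the question it belongs to.
    foreach ($errors as $qid => $message) {
        echo "Question $qid: $message\n";
    }
}
```

Adding the `required` attribute to the radio inputs, as the answer suggests, stops an incomplete form in the browser; the check above still runs on the server because a request can be sent without the form.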
