Display the answer in HTML code because CGI-SCript could not hide

[kwan]

Hello

I used perl to generate the questions and answers for quiz, it comes
with problem when users have a little skill with Html code, when they
view the html source, they could see the answer. I used CGI script to
generate the questions and answers.

Could you give me any advice to solve the problem? I think to change
to Java Applet.

 

[Jürgen Exner]

Hello

I used perl to generate the questions and answers for quiz,

Would your question or the answer to it be any different if you were using
Basic or Fortran or C or Assembler to generate the questions or answers?

jue

 

[kwan]

The advice is very simple - do not send answers in the same page as question
;-)
I assume you have questions and answers in database, so send the question,
question-id as hiddend field and few radiobuttons where the value is answer
ID in database.
User select soem answer and click on Submit.
In next page check answer ID in database and send result (Good or Bad) to
user.
--

Petr Vileta, Czech republic
(My server rejects all messages from Yahoo and Hotmail. Send me your mail
from another non-spammer site please.)

I do not want to send the questions and answer into the html code, but
it is seem to be impossible to do that under Perl cgi,

 

[Tad McClellan]

^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^
^^^^^^^^^^^^


I do not want to send the questions and answer into the html code, but
it is seem to be impossible to do that under Perl cgi,

That is a pretty strange thing to say in reply to a message
that outlines how it *is* possible using CGI (whether written
in Perl or in any other language).

 

[kwan]

Maybe my english is too bad to explain my think ;-) I try to explaim my idea
again.

I have database where I have stored
1) question id
2) question text
3) some andswer texts, say 3
4) field where is number of right answer

An example of this table row:

qid | qtext | answ1 | answ2
| answ3 | good
-------------------------------------------------------------------------------------------
1 | What is Perl | Programming language | Food | Animal | 1
2 | Who is Petr | The idiot | Programmer | E.T.
| 2

In first step I send to browser qid as hidden field, qtext and 3
radiobuttons with answ1 ... answ3 texts and values from 1 to 3.
User select some radiobutton and click on Submit.
At this time I can send form and show another page with result, or I can use
Ajax to show result immediately.
--

Petr Vileta, Czech republic
(My server rejects all messages from Yahoo and Hotmail. Send me your mail
from another non-spammer site please.)

It is possible to send the questions and answers to the browser, and
the users have to choose the answer in each question, then the answers
have to compare to the correct answer in the database.

I still consider not secure, because the users could copy the
questions and answers in the html code form that easy accessable via
the view source code; furthermore,by storing the questions and answers
which users could access, it is possible for bad guys who can write a
program to copy all the questions and answer while taking the exam.

 

[Henry Law]

It is possible to send the questions and answers to the browser, and
the users have to choose the answer in each question, then the answers
have to compare to the correct answer in the database.

I still consider not secure, because the users could copy the
questions and answers in the html code form that easy accessable via
the view source code; furthermore,by storing the questions and answers
which users could access, it is possible for bad guys who can write a
program to copy all the questions and answer while taking the exam.

This is getting silly, and is nothing to do with perl. Let's try once
more: maybe different words will help since I realise that English is
not your first language.

(1) If you send information about the correct answer down with the
question then anyone who knows how can find it in the HTML. I know you
know that.
(2) Therefore the correct answer has to stay at the server until the
student has made her choice.
(3) Once the student has made her choice you have to tell her whether or
not it's right (you tell us): and if you allow the student to have more
than one go at the question then she can copy all the questions and the
correct answers. There is nothing you can do about that: it's a
fundamental part of the algorithm: tell the student anything,
information leaks out. And nothing to do with the choice of language,
Perl or otherwise.
(4) You could make it a bit harder for an individual student by only
letting her have one go at the question, and when she's wrong not
telling her which answer was right; by logging all quiz interactions;
and by not offering an option to take the quiz a second time. But
information still leaks each time the student interacts with the system.

 

[cartercc]

I do not want to send the questions and answer into the html code, but
it is seem to be impossible to do that under Perl cgi,

Do this:
1. Create the quiz in html, perhaps by using a <form> so that the
students can record their answers.
2. Upon submission of the form, have the answers sent to a script.
This script is not readeable by a browser since it lives outside your
www or public_html.
3. Your script will compare the answers received by the students with
the correct answers and compute the grade. Of course, you need to have
a means to separate each student's response. You may also want to
record the grade.
4. Then your script will generate some message for the student,
perhaps by email or perhaps by another html page so your students can
see their scores.

I think there's a book by Dubois that has Perl and MySQL in the title
that has this specific example. If you can get hold of a copy, it will
be pretty much written for you.

CC