Go Premium for a chance to win a PS4. Enter to Win


How to develop a time-restricted, secure script in javascript for an online-exam

Posted on 2008-10-27
Medium Priority
Last Modified: 2010-04-21

I am developing an online-exam script in PHP-MySQL and I wish to develop a good javascript script for the online-exam to accurately time exams and allow for forcefully ending exams after the time is over. Moreover I am interested in a really secure and safe way of doing this so as to be able to ensure that it can't be hacked or overridden by someone to be able to by pass the timer.

In my opinion javascript is probably the best option for doing something like this, but I may be wrong, in case anyone thinks that this should be/could be done using some other language, please do let me know that too.

I hope I can get good help on this, if there is some javascript framework/script already available that does this, nothing like it, otherwise I would appreciate if the experts here to give me tips  and pointers as to how I should probably go about doing this. I am an amateur in javascript.
Question by:dhruvasagar
  • 4
  • 2
LVL 18

Accepted Solution

Pawel Witkowski earned 195 total points
ID: 22811229
Javascript and security are opposit words ^^. It depends how much security u want to achieve. If it's only time - its no problem, just get time of opening session in PHP and just show it with javascript. Even if someone hax it in javascript you will do all calculations in PHP. But time in exams are not so important like cheating (giving answers to someone else). So what I could advice is to make random order generator of questions with random order of answers in this question (i assume that this is a ABCD test). What more... You have to turn of select and copy on whole page, but ppl always can make screenshots so in fact to make it most secure - everyone have to do it at once. Any other questions?
LVL 18

Expert Comment

by:Pawel Witkowski
ID: 22811235
I got once a classes with teacher that made this test via internet. They got this functionality, but studest found their way to cheat otherway so I dont even know is this worth of effort.

Author Comment

ID: 22811287
Well I am not so much bothered about people cheating, randomizing the questions as well as the answer options is something that I was going to do in the first place. Thanks for that anyways.

My major concern is to ensure that once a user starts a test, the time flow is accurate and that its not easily bypassed and also to be able to detect when the time is over.

Your suggestion regarding using PHP sessions is good in this respect, but I am not sure how to go about using it, if the user is one page and the time is over...is there a way in php to detect that? php doesn't have such event handling, or does it? Can you give me just a few more inputs for the same?
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 16

Assisted Solution

sh0e earned 180 total points
ID: 22811654
If you want to use JavaScript, setTimeout("JavaScript to eval",milliseconds) is more accurate than setInterval.  Just have setTimeout recursively call itself to emulate setInterval.
Counting time using JavaScript will be troublesome, and I don't recommend it.  Refreshing, accidental navigation, human error, will give you headaches.  And anyone with a bit of tech knowledge could bypass it.

The best way would be to count the time on the server side (PHP), and just refuse any more submissions after a certain amount of time.  A straight-forward solution would be to store the starting time in the DB, and then check the time to see if their time is up.  Sessions, if you know how to implement it, would also work.

If you want to ensure the student gets as many problems as he has done submitted, I would recommend submitting (with AJAX perhaps) what they have after each problem they do, or just using a JavaScript timer warning them that the time is nearly over.


Author Closing Comment

ID: 31510237
Thanks a lot!
LVL 18

Expert Comment

by:Pawel Witkowski
ID: 22811868
It depends - do you want to finish user test at once, or do you want to make them finish test BEFORE time ends. In second case - its their problem if they hax javascript or no, but PHP will store absolute number for it. Doing it from javascript... well - it might be really difficult to achieve. Mine idea is to make sure that javascript sends AJAX requests for every 1 min to PHP. PHP stores this information to know how much time left. With this request you could store actuall test progress, so if someone just hax javascript - his test is equal to last sent solution. But this do not solves  problem when someone stops AJAX calls - unless you do not send any other question untill for example first one is answered.

In fact what I would propose is:

- Use AJAX,
- show random question and random order of answers,
- show only one question at once,
- every time your user gets new question, update time counter in PHP

that should do the trick... I think
LVL 18

Expert Comment

by:Pawel Witkowski
ID: 22811882
Last post was for dhruvasagar comment

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Having worked on larger scale sites, we found out that you are bound to look at more scalable solutions to integrating widgets, code snippets or complete applications and mesh them into functional sites, in any given composition. To share some of…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question