Home      Products & Services      Contact Us      Links

WebHatchers will design & develop your site for you.

Website Menu Heaven: menus, buttons, etc.

Send us your questions.

site search by freefind

SEO, Google, Privacy
   and Anonymity
Browser Insanity
Popups and Tooltips
Free Website Search
HTML Form Creator
Buttons and Menus
Image Uploading
Website Poll
IM and Texting
   or Not MySQL
Personal Status Boards
Content Management
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs

Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement

Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

Add a Guest to a PHP Guestbook

In the code below, we show one third of the code needed for a website guestbook. The code in which the sign-in data gets submitted via an HTML form is in the file PHP-guestbook.php, explained in Script to Sign In to Guestbook. And the code in which the guestbook data gets viewed is in the file view-our-guestbook.php, explained in Script to View Our Guestbook.

According to wikipedia, "a guestbook is a paper or electronic means for a visitor to acknowledge their visitation to a site, physical or web-based, and leave their name, postal or electronic address (if desired), and a comment or note, if desired." Paper-based guestbooks are traditional in hotels, churches, at weddings, funerals, Bed and Breakfasts, museums and other private facilities. Even some private homes maintain guestbooks. Funeral homes maintain guestbooks and online memorials keep alive the memory of the dealy departed. Using guestbooks, you can build a sense of community with your site visitors and get feedback from these site visitors as well.

PHP Guestbook Sign-in

PHP Guestbook Viewing

This script processes the data sent to it from the action script in the form on the PHP-guestbook.php page. It is the form's form handling script. It will be trimming the data if it is too long, throwing out unacceptable characters, and running a security function on the data before sticking it into the MySQL database table called guestbook.

Now—on to the script code:

After using the config.php file to get the necessary magic words for db connection, we put all the data POSTed to this script into PHP variables. Then we use the built-in PHP date() function to put date and time into the variable $datetime.

Next, if they got the correct answer to the captcha question, the rest of the script is allowed to run. If not, what runs is the else at the end of the script in which the alert box displays "Wrong captcha answer." Then the user is returned to the sign-in page, PHP-guestbook.php.

If they solved the captcha the script will next trim all the POSTed data with the PHP substring function substr(). Then regular expression replacement patterns are defined for name, email/url, and comment, respectively. You may decide for yourself what characters are allowed and what are not. Next, the PHP strip_tags() function gets all the dangerous and undangerous HTML tags out of the data since if they are there it likely indicates that some ass clown is trying to play fast and loose with your MySQL database. (Take THAT, you nasty tags from you nasty hackers.)

Next, all the unacceptable characters vanish in a puff of smoke via the preg_replace() function, to be replaced by an empty string, i.e., nothing, nada, bupkiss, zip. (Take THAT, you nasty characters.) Then we make the data (relatively) safe for inserting in a db table via the PHP function mysql_real_escape_string(). Don't put stuff into your db without it, unless only YOU, the trusted webmaster are entering it via this script or directly into the db table via phpMyAdmin, which is an open source tool written in PHP intended to handle the administration of MySQL over the World Wide Web. It is, we have found out from experience, an invaluable tool if you use MySQL databases.

Finally, we insert the data, all filtered and washed and sparkly clean, into the db table. If the MySQL query worked okay, we give the user the message "Entries were made OK." Then they see the link that will let them View the Guestbook. If the db table data INSERTing failed, the JavaScript alert "Entries were NOT made—something went wrong." shows up and the user is sent back to the sign-in page. Note that the first message is just echoed text and the second is a JavaScript alert. Serious users leave JavaScript on, so this is okay. We tend to use JavaScript alerts when we need the script to pause while the user clicks OK, and simple echoes of text when the script does not take the user back to the calling script automatically via window.location="somepage.php".

This file is named: add-a-guest-to-guestbook.php

<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>PHP Guestbook Add a Guest Script</TITLE>
<meta name="description" content="PHP Guestbook Add a Guest Script">
<meta name="keywords" content="PHP Guestbook Add a Guest Script,Guestbook Script,add guest,php,mysql,dhtml, DHTML">




$datetime=date("y-m-d h:i:s");


$pattern1 = '/[^a-zA-Z0-9\\_\\s]/i';
$pattern2 = '/[^a-zA-Z0-9\\.\\,\\!\\;\\-\\_\\*\\@\\=\\+\\$\\/\\&\\[\\]\\#\\?\\047\\:\\(\\)]/i';
$pattern3 = '/[^a-zA-Z0-9\\s\\.\\,\\!\\;\\-\\_\\"\\?\\047\\:\\(\\)]/i';
$replacement = '';
$websiteURL=preg_replace($pattern2, $replacement, $websiteURL);
$comment=preg_replace($pattern3, $replacement, $comment);
$email=preg_replace($pattern2, $replacement, $email);
$name=preg_replace($pattern1, $replacement, $name);

$sql="INSERT INTO guestbook(name, email, websiteURL, comment, datetime)
VALUES('$name', '$email', '$websiteURL', '$comment', '$datetime')";

echo "<div style='margin:100px 0 0 400px'>Entries were made OK.";
echo "<BR>";
echo "<a href='view-our-guestbook.php'>View our guestbook</a></div>";
}else{echo '<script language="javascript">alert("Entries were NOT made—something went wrong."); window.location="PHP-guestbook.php";</script>';}

}else{echo '<script language="javascript">alert("Wrong captcha answer."); window.location="PHP-guestbook.php";</script>';}