PHP Tutorial: Guestbook for beginner
News December 22nd, 2005This is just a tutorial, there are still having some security vulnerabilities.
DO NOT USE THESE SCRIPT FOR PRODUCTION PURPOSES!
Before i start i assume you all already has the WAMP or LAMP environment to test out the script. If you do not have PHP and MySQL install in your PC, you might want to take a look at my previous post "How to install AMP (apache, mysql and php) in window xp".
Let’s start:-
CREATE TABLE guestbook (
id int(7) not null primary key auto_increment,
fullname varchar(50) not null,
email varchar(100),
website varchar(100),
comment text not null,
created datetime not null
)
Copy and paste the code above and execute it in your mysql database. Once this script is executed, you will see a new table named ‘guestbook’ created
Ok now the database structure is ready, we can start our code now:-
First we need a form for user to key in their comment:-
Save this file as index.php
<html>
<head>
<title>Guestbook system</title>
</head>
<body>
<?php
require_once(‘class.guestbook.php’);
$g = new GuestBook();
if($_POST[‘action‘] == ‘Submit‘) {
// if user press on Submit button it will capture user input
// and save into database table
$g -> fullname = $_POST[‘fullname‘];
$g -> email = $_POST[‘email‘];
$g -> website = $_POST[‘website‘];
$g -> comments = $_POST[‘comments‘];
if(!$msg = $g -> save()) {
$msg = ‘Your comment has been added successfully‘;
}
$msg .= ‘<br><br>‘;
}$comments = $g -> getAllComments();
if(!empty($comments)) {
foreach($comments as $i => $val) {
$content .= ‘<div style="border:1px solid #cccccc; background-color:#EBEBC2;">‘;
$content .= $val[‘fullname‘] . ‘ – ‘ . date(‘d M Y H:i‘, strtotime($val[‘created‘])) . ‘<br>‘;
$content .= $val[‘email‘] . ‘<br>‘;
$content .= $val[‘website‘] . ‘<br>‘;
$content .= $val[‘comment‘] . ‘<br>‘;
$content .= ‘</div><br>‘;
}
} else {
$content = ‘No record in your guestbook.’;
}
echo $msg;
echo $content;
?>
<form name="form1" method="post" action="">
Name: <input type="text" name="fullname">
<br>
Email: <input type="text" name="email">
<br>
Website: <input type="text" name="website">
<br>
Comments:<br> <textarea name="comments" cols="30" rows="5"></textarea><br>
<input type="submit" name="action" value="Submit">
</form>
</body>
</html>
Then we will developed a class to store and retrieve all the data to and from the database.
replace your mysql_user and mysql_password with your username and password.
class.guestbook.php
<?php
class GuestBook {
var $id;
var $fullname;
var $email;
var $website;
var $comments;
var $created;
var $conn;
var $query;
function GuestBook() {
$this -> conn = mysql_connect(‘localhost’, ‘mysql_user’, ‘mysql_password’) or die (‘Error: Could not connect to mysql server’);
mysql_select_db(‘yourdatabase’, $this -> conn) or die (‘Error: Could not select db’);
}
function save() {
if(!empty($this -> fullname) && !empty($this -> comments)) {
$sql = "INSERT INTO guestbook (fullname, email, website, comment, created) VALUES (‘". $this -> fullname . "’, ‘" . $this -> email . "’, ‘" . $this -> website . "’, ‘" . $this -> comments . "’, ‘" . date(‘Y-m-d H:i:s’) . "’)";
if(!$query = mysql_query($sql, $this -> conn)) {
return ‘Error, could not insert comment.<br>MySQL Error: ‘ . mysql_error();
}
} else {
return ‘Error, paramenter is empty!’;
}
}
function getAllComments() {
$sql = ‘SELECT * FROM guestbook’;
$query = mysql_query($sql);
$i = 0;
while($row = mysql_fetch_assoc($query)) {
$ret[$i] = $row;
$i++;
}
return $ret;
}
}
?>
After you create this 2 files and save in your web server root folder, you are basically done. Guestbook system is ready now. Open up your browser and enter http://localhost/yourdirectory/index.php and you can start to use the system.
I’ll explain the inside code next time. At this moment, try to go thru the code, i think it’s quite simple and easy to understand. I’ll post the code explaination next time. 🙂