intro |  html |  css |  design |  scripting |  dhtml |  server 


Coding the Guestbook in PHP

This page covers:
   Start with Pseudocode
   Connect to the DB
   Check for Form Submission
   Get Existing Guestbook Entries
   Write the Web Page    The Finished Guestbook

Start with Pseudocode

I always start by jotting down some quick logic with either pseudocode or a flow chart. For this example, we need to connect to the database. If the form has been submitted, insert into the db. Query the database for existing guestbook entries and print them. Print the form for users to add new entries. Make sure to validate the form so the required fields are filled out (in this case, only the comment field is required). Pseudocode would look something like this:

connect to db

if form submitted then
	insert into db
	if insert is successful
		append success message to print_str
		append failure message to print_str

query db for all entries
while recordset is not empty
	get name, email, comment, date
	if name is not empty 
		if email is not empty
			link name to email address
	else if email is not empty
		link email to email address
		name is empty
	append comment, date, name to print_str
print print_str
print the form to add new comments

when form is submitted, validate that required field is not empty

Connect to the DB

So here we go. First we need to connect to the database because whether or not the form is submitted, we're going to query it for the existing guestbook entries. I keep all my database variables in my variable include file, and I have a database connection function that I normally call to connect to the db, but I'll write it out here (don't forget to change the database variables for your own database).

$dbHost = "localhost";
$dbUser = "hardcoder";
$dbPass = "hardcoder";
$dbDatabase = "hardcoder";

// Connect to DB

$li = mysql_connect($dbHost, $dbUser, $dbPass) or die("Could not connect");
mysql_select_db($dbDatabase, $li) or die ("could not select DB"); 


Check for Form Submission

Now we'll get into some of the meat of the code. This portion checks to see if the form has been submitted, then inserts into the db if it has. Read the comments:

// initiate some vars

$gb_str = ""; 	// $gb_str is the string we'll append entries to
$pgeTitle = "View and Sign Guestbook";

// If form is submitted, then insert into DB
if (!empty($HTTP_POST_VARS["submit"])) {
	$name = $HTTP_POST_VARS["frmName"];
	$email = $HTTP_POST_VARS["frmEmail"];
	$comment = $HTTP_POST_VARS["frmComment"];
	$date = Date("Y-m-d h:i:s");
	$gb_query = 	"insert into guestbook
			values(0, '$name', '$email', '$comment', '$date')";
	$res = mysql_affected_rows();
	// See if insert was successful or not
	if($res > 0) {
		$ret_str="Your guestbook entry was successfully added.";
	} else {
		$ret_str = "Your guestbook entry was NOT successfully added.";
	// Append success/failure message
	$gb_str .= "<span class=\"ret\">$ret_str</span><BR>";

Get Existing Guestbook Entries

Now we need to query the database for existing guestbook entries. We do this regardless of whether or not the form has been submitted.

// The querystring
$get_query = "select gbName, gbEmail, gbComment, DATE_FORMAT(gbDateAdded, '%m-%d-%y %H:%i') gbDateAdded
		from guestbook";

$get_rs = mysql_query($get_query);
$gb_str .= "<hr size=\"1\">";

// While there are still results
while($get_row = mysql_fetch_array($get_rs)) {
	$name = $get_row["gbName"];
	$email = $get_row["gbEmail"];
	$comment = $get_row["gbComment"];
	$date = $get_row["gbDateAdded"];
	if(!empty($name)) {
		// If name exists and email exists, link name to email
		if(!empty($email)) {
			$name="by <a href=\"mailto:$email\">$name</a>";
	// If name does exist and email exists, link email to email		
	} elseif (!empty($email)) {
		$name = "by <a href=\"mailto:$email\">$email</a>";
	// Else make name blank 
	} else {
		$name = "";
	// Append to string we'll print later on
	$gb_str .= "<br>$comment<p class=\"small\">< posted on $date $name><hr size=\"1\">";

// Free Result Memory

Write the Web Page

Now we display the guestbook entries and the form to add new entries on the page:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> 
<SCRIPT language="javascript">

/* This function is pulled from a generic validation file from
some other site (probably and strips out
characters you don't want */

function stripCharsInBag (s, bag) {
	var i;
    var returnString = "";

    // Search through string's characters one by one.
    // If character is not in bag, append to returnString.

    for (i = 0; i < s.length; i++)
        // Check that current character isn't whitespace.
        var c = s.charAt(i);
        if (bag.indexOf(c) == -1) returnString += c;
    return returnString;

// This function just makes sure the comment field is not empty

function valForm(frm) {
	// Questionable characters
	badChars = "<[]>{}";
	if(frm.frmComment.value == "") {
		alert("Please fill in your comments for the guestbook.");
		return false;
	} else {
		// Strip questionable chars from all fields
		frm.frmComment.value = stripCharsInBag(frm.frmComment.value, badChars);
		// These values may be empty, but strip chars in case they're not
		frm.frmName.value = stripCharsInBag(frm.frmName.value, badChars);
		frm.frmEmail.value = stripCharsInBag(frm.frmEmail.value, badChars);
		return true;


<BODY bgcolor="#FFFFFF">
<? echo $gb_str; ?>

<form name="gb" action="<? echo $PHP_SELF;?>" method="post">
<table cellpadding="3" cellspacing="0" border="0">
    <td class="tdhead" valign="top" align="right">Name</td>
    <td valign="top"><input type="text" name="frmName" value="" size="30" maxlength="50"></td>
    <td class="tdhead" valign="top" align="right">Email</td>
    <td valign="top"><input type="text" name="frmEmail" value="" size="30" maxlength="100"></td>
    <td class="tdhead" valign="top" align="right">Comment</td>
    <td valign="top"><textarea name="frmComment" rows="5" cols="30"></textarea></td>
    <td> </td>
    <td><input type="submit" name="submit" value="submit" onClick="return valForm(">
    	<input type="reset" name="reset" value="reset"></td>


// Close MySQL Connection

The Finished Guestbook

You can view the complete code for the guestbook here. I've made some minor changes to it so I could use the site template, and you can view the working version and test it out for yourself here. © 1999-2011. all rights reserved. // site created and maintained by kathy ahn