View Our Guestbook
In the code below, we show one third of the code needed for a website guestbook. The code in which the sign-in data gets submitted via an HTML form is in the file PHP-guestbook.php, explained in Script to Sign In to Guestbook. And the code in which the sign-in data gets added to the database table is in the file add-a-guest-to-guestbook.php, explained in Script to Add a Guest to Guestbook.
According to wikipedia, "a guestbook is a paper or electronic means for a visitor to acknowledge their visitation to a site, physical or web-based, and leave their name, postal or electronic address (if desired), and a comment or note, if desired." Paper-based guestbooks are traditional in hotels, churches, at weddings, funerals, Bed and Breakfasts, museums and other private facilities. Even some private homes maintain guestbooks. Funeral homes maintain guestbooks and online memorials keep alive the memory of the dealy departed. Using guestbooks, you can build a sense of community with your site visitors and get feedback from these site visitors as well.
Now—on to the script code:
First we give users the opportunity to sign in either before or after viewing the contents of the guestbook. Then we use PHP code. After using the config.php file to get the necessary magic words for db connection, we grab the contents of the guestbook and use the while($rows=mysql_fetch_array($res)){ loop statement to get this data into addressable arrays. The array element $rows['id'] is the first displayed value in the while loop and as long as the while keeps finding more records, the $rows['id'] element will keep getting new id field values, and the same for the rest of these fields, since id is merely one of the fields.
Note that both stripslashes() and htmlentities()—in that order—are run on the data from the db table. This is to make it safe. The stripslashes() function makes sure there are no slashes in the data, since when we entered the data into the table, we used the mysql_real_escape_string() function to escape the data for safety. The htmlentities() function is for safety—this is the best function to run on displayed-on-the-page data, since if there is anything hinky going on with the data, the conversion of questionable characters to entities will generally neutralize the hinkiness and make it safe to display. The ENT_QUOTES quote style option makes sure both single and double quotes are converted to HTML entities.
Note that it is fine to stick PHP statements in the middle of HTML statements as long as you are just displaying the results. You can even do this in JavaScript and set the PHP value in the PHP tags to be equal to a newly defined variable in a variable definition statement. But this only works well if you do it with numbers 16 digits long or less. If you want longer numbers, they'll get rounded off so make sure that is okay. If you want numeric arrays, strings, or string arrays, you need to use JSON—JavaScript Object Notation. A general rule here is "insert, not convert." But if you MUST get values into variables, the page just cited shows you how easy and effective JSON is. It's found in PHP 5.2 and later, or for earier versions, using extensions.
This file is named: view-our-guestbook.php
<html>
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>PHP Guestbook Viewing Script</TITLE>
<meta name="description" content="PHP Guestbook Viewing Script">
<meta name="keywords" content="PHP Guestbook Viewing Script,Guestbook Script,view,php,mysql,dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-color:#ddd}
p, td {font:13px Verdana; color:black;}
h1 {font:bold 40px Verdana; color:blue;text-align:center}
h2 {font:bold 13px Verdana; color:blue;text-align:center}
</style>
</head>
<body>
<table width="600" border="0" align="center" cellpadding="3" cellspacing="0">
<tr>
<td><b><h1>View Our Guestbook</h1><BR><h2><a href="PHP-guestbook.php">Sign Our Guestbook</a></h2></b></td>
</tr>
</table>
<br>
<?php
include_once"config.php";
$sql="SELECT * FROM guestbook" or die(mysql_error());;
$res=mysql_query($sql);
while($rows=mysql_fetch_array($res)){
?>
<table width="600" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><table width="600" border="0" cellpadding="3" cellspacing="0" bgcolor="#ffffff">
<tr>
<td align='right' width='100'><b>ID: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['id']), ENT_QUOTES); ?></td>
</tr>
<tr>
<td align='right'><b>Name: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['name']), ENT_QUOTES); ?></td>
</tr>
<tr>
<td align='right'><b>Email: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['email']), ENT_QUOTES); ?></td>
</tr>
<tr>
<td align='right'><b>Website URL: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['websiteURL']), ENT_QUOTES); ?></td>
</tr>
<tr>
<td align='right'><b>Date/Time: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['datetime']), ENT_QUOTES); ?></td>
</tr>
<tr>
<td align='right'><b>Comment: </b></td>
<td align='left'><? echo htmlentities(stripslashes($rows['comment']), ENT_QUOTES); ?></td>
</tr>
</table></td>
</tr>
</table>
<BR>
<?
}
mysql_close();
?>
</body>
</html>