Creating a guestbook

The next task up the difficulty food chain is creating a guestbook - a textual log of messages from visitors to your site. Programmatically speaking, guestbooks are actually easier than polls to write because you need only store a chunk of user text directly in your database. The reason I have covered polls first is because guestbooks are inherently insecure - when you just allow users to click a button to select their entry there is little scope for error, but when you take their input and need to use that for text entry into your database, you become a much juicier target.

Guestbooks are usually most common on personal homepages of any size, but are generally not appropriate for corporate sites as you may get abusive users posting there. Do not believe me? Consider this: I once created a Prayer Board for a local church, which was effectively a guestbook, and even that had a number of abusive messages posted there by people who clearly have a lot of time on your hands.

We'll be looking at this and other security concerns related to guestbooks here.


Want to learn PHP 7?

Hacking with PHP has been fully updated for PHP 7, and is now available as a downloadable PDF. Get over 1200 pages of hands-on PHP learning today!

If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!

Next chapter: Analysis >>

Previous chapter: Building a better poll

Jump to:


Home: Table of Contents

Copyright ©2015 Paul Hudson. Follow me: @twostraws.