adam14/bukutamu.php

## bukutamu.php
<?php
if(isset($_POST['submit']))
{
	include "koneksi.php";

	$nama=htmlentities($_POST['nama']); #htmlentities untuk menghindari SQL INJECTION
	$email=htmlentities($_POST['email']);
	$komentar=htmlentities($_POST['komentar']);

	if($nama=="" || $email=="" || $komentar=="") #Jika Isi Field Kosong Maka Akan Tampil Pesan
	{
		echo "<script>alert('Field Masih Kosong, Silakan Lengkapi Terlebih Dahulu !');document.location.href='bukutamu.php';</script>";
	}
	else
	{
		#Jika Tidak Maka Akan Tersimpan Didatabase
		$simpan=mysql_query("INSERT INTO guestbook VALUES('','$nama','$email','$komentar')");

		if($simpan) #Jika Querynya Benar Maka Akan Tersimpan Didatabase
		{
			echo "<script>alert('Semoga Komentar Anda Bermanfaat !');document.location.href='view.php';</script>";
		}
		else #Jika Querynya Salah Maka Tampil Pesan
		{
			echo "<script>alert('Periksa Lagi Query Simpan !');document.location.href='bukutamu.php';</script>";
		}
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body topmargin="30">
<form action="bukutamu.php" method="post" enctype="multipart/form-data">
<table border="1" align="center" width="45%" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
<tr>
	<td><font face="Times New Roman, Times, serif" size="3">Nama</font></td>
    <td><input type="text" size="30" name="nama" /></td>
</tr>
<tr>
	<td><font face="Times New Roman, Times, serif" size="3">E-Mail</font></td>
    <td><input type="email" size="25" name="email" /></td>
</tr>
<tr>
	<td valign="top"><font face="Times New Roman, Times, serif" size="3">Komentar</font></td>
    <td><textarea cols="30" rows="7" name="komentar"></textarea></td>
</tr>
<tr>
	<td colspan="2" align="right"><input type="submit" name="submit" value="Kirim" />&nbsp;<input type="reset" name="batal" value="Batal" /></td>
</tr>
</table>
</form>
<br />
<table align="center" width="100%">
<tr>
	<td align="center"><?php
					include "view.php";
	?></td>
</tr>
</table>
</body>
</html>

## koneksi.php
<?php

$host="localhost";
$user="root";
$pass="";
$db="test";

$koneksi=mysql_connect($host,$user,$pass) or die(mysql_error());
$database=mysql_select_db($db,$koneksi) or die(mysql_error());

?>

## view.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body topmargin="10">
<table border="1" cellpadding="0" cellspacing="0" width="60%" bgcolor="#00000" bordercolor="#CCCCCC">
<?php
include "koneksi.php";

$query=mysql_query("SELECT * FROM guestbook ORDER BY id DESC");
while($show=mysql_fetch_array($query))
{
?>
<tr>
	<td><font face="Times New Roman, Times, serif" size="3" color="#FFFFFF"><strong>Nama : <?php echo $show['nama']; ?> ( <?php echo $show['email']; ?> )</strong></font></td>
</tr>
<tr>
	<td valign="top"><font face="Times New Roman, Times, serif" size="3" color="#FFFFFF">Komentar : <br /><?php echo $show['komentar']; ?></font></td>
</tr>
<?php
}
?>
</table>
</body>
</html>
	<?php
	if(isset($_POST['submit']))
	{
	include "koneksi.php";

	$nama=htmlentities($_POST['nama']); #htmlentities untuk menghindari SQL INJECTION
	$email=htmlentities($_POST['email']);
	$komentar=htmlentities($_POST['komentar']);

	if($nama=="" \|\| $email=="" \|\| $komentar=="") #Jika Isi Field Kosong Maka Akan Tampil Pesan
	{
	echo "<script>alert('Field Masih Kosong, Silakan Lengkapi Terlebih Dahulu !');document.location.href='bukutamu.php';</script>";
	}
	else
	{
	#Jika Tidak Maka Akan Tersimpan Didatabase
	$simpan=mysql_query("INSERT INTO guestbook VALUES('','$nama','$email','$komentar')");

	if($simpan) #Jika Querynya Benar Maka Akan Tersimpan Didatabase
	{
	echo "<script>alert('Semoga Komentar Anda Bermanfaat !');document.location.href='view.php';</script>";
	}
	else #Jika Querynya Salah Maka Tampil Pesan
	{
	echo "<script>alert('Periksa Lagi Query Simpan !');document.location.href='bukutamu.php';</script>";
	}
	}
	}
	?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>Untitled Document</title>
	</head>

	<body topmargin="30">
	<form action="bukutamu.php" method="post" enctype="multipart/form-data">
	<table border="1" align="center" width="45%" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
	<tr>
	<td><font face="Times New Roman, Times, serif" size="3">Nama</font></td>
	<td><input type="text" size="30" name="nama" /></td>
	</tr>
	<tr>
	<td><font face="Times New Roman, Times, serif" size="3">E-Mail</font></td>
	<td><input type="email" size="25" name="email" /></td>
	</tr>
	<tr>
	<td valign="top"><font face="Times New Roman, Times, serif" size="3">Komentar</font></td>
	<td><textarea cols="30" rows="7" name="komentar"></textarea></td>
	</tr>
	<tr>
	<td colspan="2" align="right"><input type="submit" name="submit" value="Kirim" /> <input type="reset" name="batal" value="Batal" /></td>
	</tr>
	</table>
	</form>
	<br />
	<table align="center" width="100%">
	<tr>
	<td align="center"><?php
	include "view.php";
	?></td>
	</tr>
	</table>
	</body>
	</html>
	<?php

	$host="localhost";
	$user="root";
	$pass="";
	$db="test";

	$koneksi=mysql_connect($host,$user,$pass) or die(mysql_error());
	$database=mysql_select_db($db,$koneksi) or die(mysql_error());

	?>