setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // PDO failures now raise PDOException, which the catch further down handles
// NOTE(review): this excerpt starts mid-statement; the receiver of setAttribute(), the PDO
// constructor and the opening `try {` sit above the visible text.

// Check if the guestbook table exists
// Static SQL with no request data in it, so query() without placeholders is fine here.
$tableCheck = $db->query("SELECT name FROM sqlite_master WHERE type='table' AND name='guestbook'")->fetch();
// If the table doesn't exist, create it
if (!$tableCheck) {
    $query = "CREATE TABLE guestbook (id INTEGER PRIMARY KEY, username TEXT, name TEXT, email TEXT, message TEXT)";
    $db->exec($query);
}

// NOTE(review): $username is assigned outside this excerpt, so its origin (URL, session, ...)
// cannot be confirmed from here; treat it as untrusted until checked against the caller.
// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips tags and entity-encodes quotes,
// so it changes the value that is stored and looked up. It is not what keeps the SQL safe
// (the bound parameters below do that) nor the HTML safe (htmlspecialchars() at output does).
// Because the output is encoded again with htmlspecialchars(), quotes encoded here will
// presumably show up as literal entities in the page.
$username = filter_var($username, FILTER_SANITIZE_STRING);

// A new entry is stored only when all three form fields are present in the POST body.
// NOTE(review): no CSRF token check, length limit or rate limit is visible in this excerpt;
// confirm whether one exists elsewhere on the page.
if (isset($_POST['name'], $_POST['email'], $_POST['message'])) {
    $name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
    // NOTE(review): the address is only tag-stripped, not checked for syntax; if a well-formed
    // address is required, FILTER_VALIDATE_EMAIL is the filter that validates it.
    $email = filter_var($_POST['email'], FILTER_SANITIZE_STRING);
    $message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
    // Named placeholders: the values are bound by PDO and never concatenated into the SQL text.
    $stmt = $db->prepare("INSERT INTO guestbook (username, name, email, message) VALUES (:username, :name, :email, :message)");
    $stmt->execute([':username' => $username, ':name' => $name, ':email' => $email, ':message' => $message]);
}

// Load this guestbook's entries, newest first; the owner name is again passed as a bound parameter.
$stmt = $db->prepare("SELECT * FROM guestbook WHERE username = :username ORDER BY id DESC");
$stmt->execute([':username' => $username]);
$entries = $stmt->fetchAll();
} catch (PDOException $e) {
    // NOTE(review): this sends the raw driver message to the client, which can disclose
    // database paths or schema details. Prefer logging $e->getMessage() server-side
    // (e.g. error_log()) and showing the visitor a generic failure message.
    die("Error: " . $e->getMessage());
}
?> Welcome to <?= htmlspecialchars($username) ?>'s Guestbook! '; } else { // Default theme echo ''; } ?>

Welcome to 's Guestbook!

Please leave a message below to let us know what you think of our page.

Name:

Email:

Message:

Guestbook Entries

'; echo '

' . htmlspecialchars($entry['name']) . ' (' . htmlspecialchars($entry['email']) . ')

'; echo '

' . htmlspecialchars($entry['message']) . '

'; echo '
'; } } else { echo '

No guestbook entries were found for ' . htmlspecialchars($username) . '.

'; } ?>