chiro-canto/public/contact/golden-book/sendmessage.php

<?php

session_start();

require("/database/credentials.php");

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

// Connect the database
try{
	$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8", 
		$user, 
		$password, 
		array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
		));
}catch (Exception $e){
	die("Error : ".$e->getMessage());
}

/* Create Table if not exists */
// $req = $db->prepare('CREATE TABLE IF NOT EXISTS golden_book ( `id` INT NOT NULL AUTO_INCREMENT , `firstname` VARCHAR(25) NOT NULL , `lastname` VARCHAR(25) NOT NULL , `email` VARCHAR(125) NOT NULL, `date` DATE NOT NULL DEFAULT CURRENT_TIMESTAMP , `message` TEXT NOT NULL , `website` VARCHAR(125) NOT NULL , PRIMARY KEY (`id`)) ENGINE = InnoDB;');
// $req->execute();

/* Load entries */
$error_msg = "";
if (isset($_POST)) {
    if (isset($_POST['firstname'])) {
        $fname = $_POST['firstname'];
    } else {
        $error_msg .= "You have not entered a proper first name.\n";
    }
    if (isset($_POST['lastname'])) {
        $lname = $_POST['lastname'];
    } else {
        $error_msg .= "You have not entered a proper last name.\n";
    }
    if (isset($_POST['email'])) {
        $email = $_POST['email'];
    } else {
        $error_msg .= "You have not entered a proper email address.\n";
    }
    if (isset($_POST['website'])) {
        $website = $_POST['website'];
    }
    if (isset($_POST['message'])) {
        $message = $_POST['message'];
    } else {
        $error_msg .= "You have not entered a proper message.\n";
    }
}
if ($error_msg != "") {
	$_SESSION['error_msg'] = $error_msg;
} else {
	/* Add given message */
	$req = $db->prepare("INSERT INTO golden_book (firstname, lastname, email, message, website) VALUES (:fname, :lname, :email, :message, :website)");
	$req->execute(array('fname'=>$fname, 'lname'=>$lname, 'email'=>$email, 'message'=>$message, 'website'=>$website));
}
header('Location: '.'index.php');
?>