Quote Originally Posted by Mr Happy View Post
Put this above the part I edited earlier. You have to be connected to the database for it to check the inputs to make sure their clean.
PHP Code: 
mysql_connect("localhost","username","password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error()); 
So it will be like this:
PHP Code: 
mysql_connect("localhost","username","password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());

$name mysql_real_escape_string($_POST['name']);
$email mysql_real_escape_string($_POST['email']);
$comment mysql_real_escape_string($_POST['comment']); 
$time now();
$add mysql_query("INSERT INTO guestbook (name, email, comment, date) VALUES ('$name','$email','$comment', '$time')"); 
Edit: Gav0 beat me this time
Call to undefined function now()
that is to the

$time = now();