I have some comments about this article. I think you missed a chance there to stress user input validation.
Basically you just take whatever the user inputs in the php-form and stuff it into the sql to store it to DB. But without data validation that is actually asking for trouble. There is a reason why Sql-injection is one of the most popular vulnerabilities out there.