4. Make your site xhtml valid, you should standardize this for every website/script/code you create. http://validator.w3.org/check?uri=ht....com%2Fblog%2F
If you ignore the count, it came down to a mere two errors in the code; two missing closing tags causing problems and a missing type declaration in the style tag. Not bad for entirely unvalidated -- I haven't had time for that. The other errors are characters from Traveler's lengthy post, ones that aren't valid SGML, which I don't know how to enforce. Unless you know a simple check or encoding type I don't have the time to hunt down a validation fix.

1. What do you exactly mean by this?
"Secure against most types of web attacks."

2. I'm not sure if this is relevant for your script, but please make sure that sql injections such as "0.1,tablefield=value" can not be done.
The first is answered with the second. XSS (cross site scripting), SQL Injection, remote posting (IE, remote hacking of the site by posting), and spambot protection. All in one, and half obscured. I have tested SQL injections and they fail.

3. Try to create all your queries on top of the page. Not certain if you are/aren't doing this yet.
Queries are done in the midst of generation. For the time being I don't have time to realign everything. I overshot my objectives by a great distance, and what could have taken 2 hours to complete I turned into something complete in 9; I wasn't exactly supposed to put full functionality together yet.

5. Make your code that it validates whether the server posted or not, if you will not do this, I will be able to run forms from my pc into your database.
Go ahead and try it. A blind post will get you nowhere. That would could as a potential attack in brute force entry; the only thing you could accomplish at this point (due to not implementing an IP ban) would be a DDoS attack by flood-posting.

Thanks for the comments and the offer. I'm not entirely new to this and it isn't my first time working with databases, but a piece of paper saying "yes I can" will make potential employers happier ... so I have started taking small classes for certification by O'Reilly.