Uh oh!  Please google "sql injection" before you get to far along with your project, the type of application you are proposing is incredibly risky/dangerous.