Hello,
First of all, from your example, your DB can be hacked by a 7 year old (sql injection), but I can find a dozen other ways to do it... You don't make ANY validation/sanitizing before inserting into the DB, but i like that you beautify the output:).
If you need a form validated using ajax/JS, then again sanitized before DB insertion, this is my price. Please note that I only work on legal work days (EU).
If you are interested, you can contact me for more details.
Thank you.