Using the search functionality of the guestbook application, try to make it execute other functionality.
Update your PHP configuration (file php.ini) to disable the magic_quotes_gpc option (turn it off).
Use the search field to trigger an SQL error.
Change the search field input to add an "or 1" that makes the selection always true. You may need to look at the source code to write the expression.
Hack the login, such that you can log in as any user (giving only the userid).
Hack the list functionality, such that you can see all the users (you may need to rename some fields).
Insert a new record in the guestbook database, and give another userid as author.
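Why the "or 1" input changes the result of the search, and the corrected query, as an added example that is not the guestbook's own code. The table and column names are assumptions, and an in-memory SQLite database (pdo_sqlite extension) stands in for the application's database.

```php
<?php
// Added example: constructed guestbook table in an in-memory SQLite database.
// The schema (messages: id, author, body) is an assumption, not the exercise
// application's real schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE messages (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');
$db->exec("INSERT INTO messages (author, body) VALUES
    ('alice', 'hello world'), ('bob', 'nice site'), ('carol', 'private note')");

// Vulnerable form: the search term is pasted into the SQL text, so a quote
// in the input ends the string literal and the rest is parsed as SQL.
function searchConcatenated(PDO $db, string $term): array
{
    $sql = "SELECT author, body FROM messages WHERE body LIKE '%" . $term . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: the SQL text is fixed and the term travels as a bound value,
// so it can only ever be compared against the column. (% and _ inside the
// term still act as LIKE wildcards, but cannot change the query structure.)
function searchPrepared(PDO $db, string $term): array
{
    $stmt = $db->prepare('SELECT author, body FROM messages WHERE body LIKE :pattern');
    $stmt->execute([':pattern' => '%' . $term . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample inputs: an ordinary term and one carrying the "or 1".
$inputs = ['hello', "zzz' or 1 or '"];
foreach ($inputs as $term) {
    printf("%-18s concatenated=%d rows, prepared=%d rows\n",
        $term,
        count(searchConcatenated($db, $term)),
        count(searchPrepared($db, $term)));
}
```

The prepared form does not depend on magic_quotes_gpc, which was removed in PHP 5.4.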
More realistic attack
For this exercise, you may need the "URL encoding" function for strings, which is available on the encoding page in the examples section of this site.
We want to use the view message page, where a message is normally displayed using its identifier (id=). Use this page to create a file containing all the messages. First write the file inside the /tmp/ directory, and then test whether you can write in any subdirectory of your htdocs/; this would mean that you have a major security breach.