Best way to do this is to use the security model in the database.
Example steps:
1. Create a user called 'webaccess' on the database.
2. Grant 'webaccess' permission to select, insert, possibly delete and update on the tables in your web database;
3. Write a simple default php include which handles the database connection which uses the user 'webaccess'.
4. Use the include in which ever forms need database access.
It's all in section 4.3 onwards of the manual.
Grant and revoke syntax is at:
http://ftp.plig.org/pub/mysql/doc/G/R/GRANT.html (UK Mirror)
Cheers
