code:
<html>
<head>
<title>Upload</title>
</head>
<body>
<?php
$user = strip_tags($_GET["name"]);
$message = strip_tags($_GET["message"], '<b><i><u><a>');
$handle = @fopen("./savedinfo.php", "r+");
if ($handle) {
while (!feof($handle)) {
$buffer .= fgets($handle, 4096);
}
fwrite($handle,"<CENTER><font size='2' face='Verdana'><A href='$user' target='_blank'><img src='$user' width='300' height='200' style='border-color:#000000' border='0'></a><BR>$message<BR><BR></font></CENTER>\n");
fwrite($handle, $buffer);
fclose($handle);
}
print("<b>Thank You!</b><br />Your information has been added! You can see it by <a href=savedinfo.php>Clicking Here</a>");
?>
</body>
</html>
This does exactly what roflmao's does, except it is safe from PHP and HTML injection, and allows for basic tags such as <b><i><u> and <a> in the message field.
I figure this method, opening the file for read/write, will be more efficent than filegetcontents() because you only need to open it once.
/ 
