I have an idea: Make it so that a user can only add one item each time they visit the website or clear their cookies. Here's some code:
[PHP]<?php
session_start();
if ($_SESSION['spamcheck']) {
die('You have already submitted data to this database!');
// Or put whatever you like as an error message here, if you don't
// use die();, then be sure to use the "exit;" command after you
// display the error.
};

// Add your form code and MySQL processing here.
// Add the following line -after- the MySQL process
// has completed successfully.

$_SESSION['spamcheck'] = TRUE;
?>
[/PHP]

Sp!ke offers a nice solution to help prevent people from multiple posting. Thanks, Sp!ke! :)

Jdmml, do you want to restrict public access to your form altogehter? If so, then you must password-protect the script or the entire directory. You can employ security at the web-server level, but how you do that depends on what web server you are using. IIS on Windows, Apache on Windows, Apache on Linux, etc. Look up "security" or "password protect" for whatever webserver you use. If using Apache, check out the .htaccess file feature.

Another option is to "roll your own" security. You can write a PHP password-protection script. Good news is, I've done most of this work for you already. Check out my PHP Session & Password-Protection Class at http://www.troywolf.com/articles .

And now for more than you asked for.
The thing to understand about script-based protection is that you can only protect script pages. That is, consider a PHP-based protection system involving a PHP include file that you include in every script you want to protect. Well you can't include that protection into a PDF file or Microsoft Excel file or an image file such as .gif or .jpg. BUT...what you can do is to put all those non-PHP files into a non web-accessible directory then write a PHP script that opens those files and streams them to the browser as needed. (That is a bit more advanced topic, but not too difficult.)

MediaWiki, although all of its pages are freely editable, yes, they make constant backups to ensure somebody doesn't come in and just delete everything. For your purposes, I'd recommend adding a MySQL column named "approved" or something similar, and writing simple PHP to check if "approved" is TRUE, or is equal to 1. Those that are not approved can be dislayed on a password-protected PHP page which only you can access, like Troy here described (very nicely, might I add), and then a link, possibly, next to each one, something like "Approve | Deny". Deny would change the "approved" column in the database to -1, and Approve might change it to 1.