If by to make entries you mean adding data to the database.

You do this in the same way that you select data.
Instead of issuing a select statement like:

SELECT x,y,z FROM table1 

You do:

INSERT INTO table1 (x,y,z) VALUES ('a', 1, 'test')

Or:

UPDATE table1 SET x = 'b' WHERE x = 'a'

How you pass parameters depends on the API you use.
It is best (safest) to use PDO to pass parameters.

How to get parameters out of a url
In order to get the parameters out of the url (e.g.: example.com/test.php?username=xyz&password=!@#$%) do:

$username = mysql_real_escape_string($_GET['username']);  
$password = mysql_real_escape_string($_GET['password']);  
$query = "SELECT * FROM users WHERE username = '$username' 
          AND passhash = sha2(CONCAT(salt,'$password'),512)";

Note that it’s vital to put single quotes around the injected variable names when using mysql_real_escape_string() or the escaping will be useless. Used like this the code is 100% secure from SQL-injection.

If you’re using PDO, you can drop the mysql_real_escape_string() if not you need it to prevent SQL-injection.

Links
http://dev.mysql.com/doc/refman/5.5/en/update.html
http://dev.mysql.com/doc/refman/5.5/en/insert.html
http://php.net/manual/en/ref.pdo-mysql.php
https://stackoverflow.com/search?q=%5Bphp%5D+%5Bmysql%5D+pdo
http://php.net/manual/en/reserved.variables.get.php
http://php.net/manual/en/function.mysql-real-escape-string.php