Your problem is not adding a AP to your lan it is adding a new wireless network that allows only internet. You want the new network to talk to your internet router but not to your lan.
You will need a more advanced router that can support multiple inside connection. Most the time this is done with AP or routers that are designed to advertise 2 SSID and assign them to different networks. These features are why commercial grade equipment cost much more.
You may be able to make this work somewhat securely by placing a second router behind your main router and then set a restriction to only allow traffic between this second router and your main router but not to any other PC behind the main router.
A 2 router setup is difficult enough but is your cheapest option
I need to add an access point to our existing LAN. We often have visitors that require internet access. We use dhcp and Server 2003. I have a Linksys wireless Model WRT54GS.