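# First, always best to check and make sure you're getting what you should
# prior to "doing anything" with it, so let's check that both fields were
# actually submitted and that report_category is numeric.
if (isset($_POST['send'], $_POST['report_category']) && is_numeric($_POST['report_category'])) {
    # Second, "external variables" such as POST, GET, COOKIE arrive as strings,
    # not integers, even if they hold a number, so let's cast the number in
    # report_category to an integer. is_numeric() also accepts values such as
    # "1.5" or "1e3", so the (int) cast is what guarantees that nothing but an
    # integer ends up in the SQL text below.
    $cat_id = (int) $_POST['report_category'];

    # Third, the ` [back tick != single quote] are unnecessary around the table
    # name. Inside a quoted SQL string a back tick is only MySQL's identifier
    # quote, but in PHP code outside a string ` [back tick] is the execution
    # operator for shell commands, so avoiding them, unless there's a specific
    # reason not to, is usually best (see "Execution Operators" on php.net).
    #
    # Interpolating $cat_id is safe here only because of the (int) cast above.
    # Any value that is not forced to an integer should be bound through a
    # prepared statement (mysqli or PDO) instead of being placed in the string.
    $query = "INSERT INTO list_inpurt (cat_id) VALUES($cat_id)";

    # For testing, let's see wtf is going on if there's an error.
    # NOTE: the mysql_* functions were deprecated in PHP 5.5 and removed in
    # PHP 7.0; new code should use mysqli or PDO.
    mysql_query($query) or die(mysql_error());
    # Make sure to remove the preceding or edit in a way as to not show errors
    # on the page for any live version of code: the raw database error text can
    # reveal table and column names to visitors, so log it server-side and show
    # a generic message instead.
}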