YA: Simple Content Form WC

<?php
/*    In response to a Yahoo Answer's Question    */
// http://pastebin.com/RjEFuzwe  Same script without comments

// session_start(); // Depending on whether or not you're using Sessions.
// Using header() --> Headers cannot be sent if data has already been sent to the user, either by echo, print or php error message.

/*    Message Functions    */
// Use of tabled messages based on your initial example
function errorMsg($msg){
    // Checks to see if the supplied msg is an array of messages.
    if(is_array($msg)){
        $r = '<table>';
        foreach($msg as $m){
            $r .= '<tr><td style="color: #900;font-weight: bold;">' . $m . '</td></tr>' . PHP_EOL;
        }
        return $r . '</table>';
    }else{
        return '<table><tr><td style="color: #900;font-weight: bold;">' . $msg . '</td></tr></table>'; // #900 is a medium Red
    }
}
function goodMsg($msg){
    return '<table><tr><td style="color: #090;font-weight: bold;">' . $msg . '</td></tr></table>'; // #090 is a medium Green
}

/*    Variables    */
$output = ''; // Will hold the desired output;
$title = $_POST['title'];
$content = $_POST['content'];
$category = $_POST['category'];
$form = <<<FORM
<form action="./test.php" method="post" style="background-color: #000;">
    <table>
        <tr>
            <td><font color="white"><b>Title:</b></font></td>
            <td><input type="text" name="title" value="$title"></td>
        </tr>
        <tr>
            <td><font color="white"><b>Content:</b></font></td>
            <td><textarea name="content" rows="6" col="80">$content</textarea></td>
        </tr>
        <tr>
            <td><font color="white"><b>Category</b></font></td>
            <td>
            <select name="category">
                <option value="General Discussion">General Discussion</option>
                <option value="Suggestions">Suggestions</option>
                <option value="Complaints">Complaints</option>
                <option value="Problem Reporting">Problem Reporting</option>
            </select>
            </td>
        </tr>
        <tr>
            <td colspan="2"><input type="submit" name="postbtn" value="Post"></td>
        </tr>
    </table>
</form>
FORM;

/*    Logged In Check    */
    // No Idea where $username and $userid are coming from, I'm assuming a $_SESSION or $_COOKIE variable
    // If it is a Session variable, then you will need to start the session at the beginning of the script with a: session_start();
$username = $_COOKIE['username'];
$userid = $_COOKIE['userid'];
if( !$username || !$userid){
    header('Refresh: 5; url=/login/login.php'); // Header is sent before output of data.
    echo errorMsg('You need to be logged in to access this page. <a href="/login/login.php" >Login</a>');
    exit;
}

/*    Form Checking And Processing    */

if ($_POST['postbtn']){
    $currenttime = date("h:i A");
    $currentdate = date("F d, Y");
    $errors = Array(); // Will hold the error Messages.

    /*    Error Checking    */
    if ((strlen($title) < 10) || (strlen($title) > 50)){
        $errors[] = 'Title must be longer than 10 and less than 50 characters';
    }
    if ((strlen($content) < 50) || (strlen($content) > 1000)){
        $errors[] = 'Content must be longer than 50 and less than 1000 characters';
    }
    if( count($errors) > 0){ // Errors Occurred
        $output = errorMsg($errors) . $form;
    }else{ // No Errors Occurred Continue with post.
        require ("connect.php");
        // Title and Content need to be cleaned from SQL Injection and other harmfull attacks.
        // Although mysql_real_escape_string() is not perfect, it does offer descent protection.
        // Better protection can come from Prepared Statements.
        // mysql_real_escape_string() requires a connection to a mysql database, that is why I
        // didn't suggest using it before on the initial variable declaration.
        // Be aware that the addition of escaping can create entries longer than 50 (title) or 1000 (content).
        // The database column limits should be altered to address these possibilities.
        $title = mysql_real_escape_string( $title );
        $content = mysql_real_escape_string( $content );
        $category = mysql_real_escape_string( $category ); // Although you set these yourself, someone can alter them to be harmful.
        $query = mysql_query("SELECT id FROM posts WHERE title='$title' LIMIT 1"); // I am assuming that there is a column by the name of 'id', but it should be the column with the least amount of data.
        // Returning more data than you need (content), will take up more resources.
        // If all you're doing is checking for the existence, then you simply need to return 1 column Item
        // Limiting it to one, will result in MySQL stopping the search after it locates one, as oppose to
        // continueing to search the whole table for a match.
        if ($query && mysql_num_rows($query) === 0){ // Check to ensure query was successful and then check to see that there is no rows returned.
            if( mysql_query("INSERT INTO posts (title, content, time, date, author, category) VALUES ('$title', '$content', '$currenttime', 'on $currentdate', '$username', '$category')") ){
                // Success, no need to double check with another query.
                header('Refresh: 5; url=./posts.php?title=' . $title);
                $output = goodMsg('Your message was posted successfully.<br>If you are not redirected to the post in 5 seconds. Click the link below.<br> <a href="">' . $title . '</a>');
            }else{
                $output = errorMsg('There was an Internal Error, while attempting to save your post. Please try again in a few minutes.') . $form; // Output the form
            }
        }else{
            $output = errorMsg('There is already a post with that Title, please select another.') . $form; // Output the form.
        }
        // mysql_close($conn); // Or whatever variable your connection is stored.
    }
}else{
    $output = $form; // Default output;
}
echo $output; // Output the output
?>