RonKevinT.Manuela 0 Junior Poster in Training

So basically, I want to require the user to select from the checkbox
Here is addpost.php

  <form action='' method='post'>

        <p><label>Title</label><br />
        <input class= "form-control" type='text' name='postTitle' value='<?php if(isset($error)){ echo $_POST['postTitle'];}?>'></p>

        <p><label>Description</label><br />
        <textarea name='postDesc' cols='60' rows='10'><?php if(isset($error)){ echo $_POST['postDesc'];}?></textarea></p>

        <p><label>Content</label><br />
        <textarea name='postCont' cols='60' rows='10'><?php if(isset($error)){ echo $_POST['postCont'];}?></textarea></p>
        <!--For textarea's rather then making the admins enter the html for the text themselves its better to use an editor-->
         <script>
                CKEDITOR.replace( 'postDesc',{customConfig:'/sics/ckeditor/ckeditor_config.js'});
                CKEDITOR.replace( 'postCont',{customConfig:'/sics/ckeditor/ckeditor_config.js'} );
         </script>

        <fieldset>
            <label><h5>Select a category</h5></label><br>

            <?php   

            $stmt2 = $db->query('SELECT catID, catTitle FROM category ORDER BY catTitle');
            $checked = '';
            while($row2 = $stmt2->fetch()){

                if(isset($_POST['catID'])){

                    if(in_array($row2['catID'], $_POST['catID'])){
                       $checked="checked='checked'";
                    }
                }


                echo "<input type='checkbox' name='catID[]' value='".$row2['catID']."' $checked> ".$row2['catTitle']."<br />";
            }

            ?>

        </fieldset>
        <br>
        <p><input class="btn btn-primary btn" type='submit' name='submit' value='Submit'></p>
        <?php include('../includes/submitpost.php');?>

        </form>

Here is when user submits

<?php

    //if form has been submitted process it
    if(isset($_POST['submit'])){

        //collect form data
        extract($_POST);

        //very basic validation
        if($postTitle ==''){
            $error[] = 'Please enter the title.';
        }

        if($postDesc ==''){
            $error[] = 'Please enter the description.';
        }

        if($postCont ==''){
            $error[] = 'Please enter the content.';
        }

        if(!isset($error)){

            try {



                $postURL = slug($postTitle);

                //insert into database
                $stmt = $db->prepare('INSERT INTO posts (postTitle,postURL,postDesc,postCont,postDate) VALUES (:postTitle, :postURL, :postDesc, :postCont, :postDate)') ;
                $stmt->execute(array(
                    ':postTitle' => $postTitle,
                    ':postURL' => $postURL,
                    ':postDesc' => $postDesc,
                    ':postCont' => $postCont,
                    ':postDate' => date('Y-m-d H:i:s')
                ));
                $postID = $db->lastInsertId();

                //add categories
                if(is_array($catID)){
                    foreach($_POST['catID'] as $catID){
                        $stmt = $db->prepare('INSERT INTO post_cats (postID,catID)VALUES(:postID,:catID)');
                        $stmt->execute(array(
                            ':postID' => $postID,
                            ':catID' => $catID
                        ));
                    }
                }

                //redirect to MainPanel page
                header('Location: ../users/MainPanel.php');
                exit;

            } catch(PDOException $e) {
                echo $e->getMessage();
            }

        }

    }

    //check for any errors
    if(isset($error)){
        foreach($error as $error){
            echo '<p class="error">'.$error.'</p>';
        }
    }
?>