The only thing I had to change after testing was adding stripslashes() to the title and body as posting the form wanted to escape everything.
Also, I realised the PHP redirect using header wouldn't work so had to be clever and do it via JavaScript instead.