Why do insist on the quotes? SQL -- like pretty much any other language -- uses plain digit sequenes as integer literals. So
is valid SQL. No need to use any quotes.
And as long as he doesn't manage to escape the values, the quotes also don't increase security in any way.
So what's with the query code I gave you? Are you not interested? Will you "add security later"? (famous last words)
As long as the general query logic is broken, it makes little sense to dive into an endless debugging session, because you'll have to rewrite the code, anyway.
I'd also ask you to use a bit of common sense and do some thinking on your own. When you see the URL
in your browser and get a strange error message about "$movie_id", did it never occur to you that maybe your link isn't quite right?
You forgot to actually echo the variable:
<a href="movie_details.php?movie_id=<?php echo urlencode($movie_id) ?>">
OK, when you still have SQL error, then output your queries
and paste them
here in the forum (like simplypixie said). If you don't see the error, then probably we will.
I mean, I don't know about you, but I think it might be time to actually fix the problem and stop that game of us making a guess and you telling us that it still doesn't work.