I think you may need to open the mysql connection prior to using mysql_real_escape_string. See the documentation.
EDIT
Try this, but what are the datatypes on your table? Are all the fields (usuario, comentario, fecha, estado) strings? That's what your insert statement is saying, I believe.
<?php
if( isset( $_POST[ 'reporte' ] ) ) {
$falla = $_POST[ 'reporte' ];
} else {
$falla = "";
}
if( !isset( $falla ) ) {
echo '<font color="red">Intentó enviar una forma vacía. Por favor intente de nuevo.</font>';
} else {
$host = "localhost"; // Host name
$username = "user"; // Mysql username
$password = "pass"; // Mysql password
$db_name = "cosa"; // Database name
$tbl_name = "reportes"; // Table name
$db = mysql_connect( $host, $username, $password ) or die( 'Cannot connect ' . mysql_errno( ) );
mysql_select_db( $db_name ) or die( 'Cannot select DB ' . mysql_error( ) );
$fecha = mysql_real_escape_string( stripslashes( $_POST[ 'fecha' ] ) );
$usuario = mysql_real_escape_string( stripslashes( $_POST[ 'usuario' ] ) );
$falla = mysql_real_escape_string( stripslashes( $falla ) );
$sql = "INSERT INTO $tbl_name(usuario, comentario, fecha, estado) VALUES('$usuario','$falla','$fecha', '0')" or die( 'mysql_error()' );
mysql_query( $sql ) or die( 'Error SQL !' . $sql . '<br>' . mysql_error( ) );
// You need a URL here, not a relative path
header( "Location:../../user/usuario.php" );
mysql_close( );
}
?>