1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
<?php require("configure.php"); ?>
<?
$newsid = $_POST["newsid"];
$newsdate = htmlspecialchars($_POST["newsdate"],ENT_QUOTES);
$status = $_POST["status"];
$newstitle = htmlspecialchars($_POST["newstitle"],ENT_QUOTES);
$newsdesc = preg_replace("/'/","\'",$_POST["newsdesc"]);
$newstitletc = htmlspecialchars($_POST["newstitletc"],ENT_QUOTES);
$newsdesctc = preg_replace("/'/","\'",$_POST["newsdesctc"]);
$newstitlecover = htmlspecialchars($_POST["newstitlecover"],ENT_QUOTES);
$newsdesccover = htmlspecialchars($_POST["newsdesccover"],ENT_QUOTES);
$newstitletccover = htmlspecialchars($_POST["newstitletccover"],ENT_QUOTES);
$newsdesctccover = htmlspecialchars($_POST["newsdesctccover"],ENT_QUOTES);
$sql = "select max(newsid) as maxid ";
$sql .= "from news";
$result=mysql_query($sql);
$row = mysql_fetch_array($result,MYSQL_ASSOC);
$newsid = $row{maxid}+1;
$sql = "insert into news (newsid, newsdate, newsdesc, newstitle, newsdesctc, newstitletc, status, newsdesccover, newstitlecover, newsdesctccover, newstitletccover) values ('$newsid', '$newsdate', '$newsdesc', '$newstitle', '$newsdesctc', '$newstitletc', '$status', '$newsdesccover', '$newstitlecover', '$newsdesctccover', '$newstitletccover')";
//echo $sql;
mysql_query($sql);
mysql_close($dbh);
header("Location: newsindex.php?msg=Add Successful");
?>
|