Please Login First!"; exit(1); } require_once("../include/db_info.inc.php"); require_once("../include/my_func.inc.php"); //contest_id $title = $_POST['title']; $content = $_POST['content']; $user_id = $_SESSION[$OJ_NAME.'_'.'user_id']; if(false){ $title = stripslashes($title); $content = stripslashes($content); } $content = str_replace("

", "", $content); $content = str_replace("

", "
", $content); $content = str_replace(",", ",", $content); $title=RemoveXSS($title); $content=RemoveXSS($content); $sql = "INSERT INTO news(`user_id`,`title`,`content`,`time`) VALUES(?,?,?,now())"; pdo_query($sql,$user_id,$title,$content); echo ""; ?>