Please Login First!";
exit(1);
}
require_once("../include/db_info.inc.php");
require_once("../include/my_func.inc.php");
echo "
", "", $content);
$content = str_replace("", "
", $content);
// $content = str_replace(",", ",", $content);
$user_id = $_SESSION[$OJ_NAME.'_'.'user_id'];
$news_id = intval($_POST['news_id']);
$sql = "UPDATE `news` SET `title`=?,`time`=now(),`content`=?,user_id=?,`menu`=? WHERE `news_id`=?";
//echo $sql;
pdo_query($sql,$title,$content,$user_id,$menu,$news_id);
$sessionDataKey = $OJ_NAME.'_'."_MENU_NEWS_CACHE";
unset($_SESSION[$sessionDataKey]);
header("location:news_list.php");
exit();
}else{
$news_id = intval($_GET['id']);
$sql = "SELECT * FROM `news` WHERE `news_id`=?";
$result = pdo_query($sql,$news_id);
if(count($result)!=1){
echo "No such News!";
exit(0);
}
$row = $result[0];
$title = htmlentities($row['title'],ENT_QUOTES,"UTF-8");
$content = $row['content'];
$showInMenu = $row['menu'] == 1;
}
?>