/admin/post_add_action.php

<?php session_start(); ?>

<?php

 if(!$_SESSION['uname']){

  echo "??????????!";

  return false;

}

?>

<?php include("../inc/db_config.inc"); ?>

<?php

if(isset($_REQUEST['title'])&&$_REQUEST['title']!=""){

    $post_title=trim($_REQUEST['title']);

}else{

    echo "??????<a href='javascript:history.back()'>??</a>";

    return false;

}

if(isset($_REQUEST['type'])&&$_REQUEST['type']!=""){

    $post_type=$_REQUEST['type'];

}else{

    echo "???????<a href='javascript:history.back()'>??</a>";

    return false;

}

if(isset($_REQUEST['content'])&&$_REQUEST['content']!=""){

		if (get_magic_quotes_gpc()) {

			//$notice_cont = addslashes($_REQUEST['content']);

			$post_content =  stripslashes(trim($_REQUEST['content']));

		} else {

			$post_content = trim($_REQUEST['content']);

		}

		$post_content = str_replace('\'', "''", $post_content);

}else{

    echo "??????<a href='javascript:history.back()'>??</a>";

    return false;

}

date_default_timezone_set("Asia/Shanghai"); //????

$post_created=date("Y-m-d H:i:s");

$post_pubid=1;

$post_audit=1;

$post_allowComment=1;

$post_commentAudit=0;



//echo "insert into info (title,created,pubid,content,type,audit,allowComment,comment_audit) values('$post_title','$post_created','$post_pubid','$post_content','$post_type','$post_audit','$post_allowComment','$post_commentAudit')";

$result_post=mysql_query("insert into info (title,created,pubid,content,type,audit,allowComment,comment_audit) values('$post_title','$post_created','$post_pubid','$post_content','$post_type','$post_audit','$post_allowComment','$post_commentAudit')");

if(mysql_affected_rows()>0){

    $getID=mysql_insert_id();

    $ref=$_SERVER['HTTP_REFERER'];

    echo "????!????1???????.<a href='../show.php?pid=$getID'>??</a><script type='text/javascript'>setTimeout(function(){window.location.href='$ref'},1000)</script>";

}else{

    echo "????!<a href='javascript:history.back()'>??</a>";

}

 ?>