$intError = 1; } if (!$intError) { foreach ($_POST as $key => $value) { $_POST[$key] = mysql_escape_string(trim($value)); } $sqlUpd = "UPDATE tblnews SET newstitle='" . $_POST["newstitle"] . "',meta_keyword='" . $_POST["meta_keyword"] . "',meta_description='" . $_POST["meta_description"] . "',content='" . $_POST["ncontent"] . "' "; $sqlUpd .= " WHERE id=" . $_POST["id"]; mysql_query($sqlUpd) or die(mysql_error()); $return = $_POST["return"]; header("Location:message.php?mess=14&return={$return}"); } $hdlTpl->setVariable("error_message", $strErrorMessage); //Assigns error message } $arrEditUser = $hldGlobal->fnFetchManagenews($_GET["id"]); if (is_array($arrEditUser) && count($arrEditUser) > 0) { $id = $_GET["id"] ? $_GET["id"] : $_POST["id"]; $return = $_GET["return"] ? $_GET["return"] : $_POST["return"]; $hdlTpl->setVariable("newstitle", stripslashes($arrEditUser[0]["newstitle"])); //Assigns news title $hdlTpl->setVariable("meta_keyword", stripslashes($arrEditUser[0]["meta_keyword"])); //Assigns news content $hdlTpl->setVariable("meta_description", stripslashes($arrEditUser[0]["meta_description"])); //Assigns news keyword $hdlTpl->setVariable("ncontent", stripslashes($arrEditUser[0]["content"])); //Assigns news description $hdlTpl->setVariable("id", $id); //Assigns id $hdlTpl->setVariable("return", $return); //Assigns return