//End Security for CSRF attacks
global $Knews_plugin, $wpdb;
if ($Knews_plugin) {
    if (!$Knews_plugin->initialized) {
        $Knews_plugin->init();
    }
    require_once KNEWS_DIR . '/includes/knews_util.php';
    $id = $Knews_plugin->post_safe('idnews');
    $title = $Knews_plugin->post_safe('title', '', 'unsafe');
    $code = $Knews_plugin->post_safe('code', '', 'unsafe');
    $newstype = $Knews_plugin->post_safe('newstype', 'unknown');
    $date = $Knews_plugin->get_mysql_date();
    $code = str_replace('#@!', '<', $code);
    //WYSIWYG editor issues
    $code = knews_rgb2hex($code);
    if (!knews_is_utf8($code)) {
        $codeModule = utf8_encode($code);
    }
    $code = $Knews_plugin->htmlentities_corrected($code);
    //$title=$Knews_plugin->htmlentities_corrected($title);
    // (opcio beta) if (!knews_is_utf8($title)) $title=utf8_encode($title);
    if (strlen($Knews_plugin->post_safe('testslash', '', 'unsafe')) == 5) {
        $title = esc_sql($title);
        $query = "UPDATE " . KNEWS_NEWSLETTERS . " SET html_mailing='" . esc_sql($code) . "', modified='" . $date . "', subject='" . $title . "', newstype='" . $newstype . "' WHERE id=" . $id;
    } else {
        $query = "UPDATE " . KNEWS_NEWSLETTERS . " SET html_mailing='" . $code . "', modified='" . $date . "', subject='" . $title . "', newstype='" . $newstype . "' WHERE id=" . $id;
    }
    if ($wpdb->query($query)) {
        $query = "SELECT id FROM " . KNEWS_NEWSLETTERS . " WHERE id_mobile=" . $id;
        $newsparent = $wpdb->get_results($query);
        if (count($newsparent) > 0) {
         }
         $count_modules++;
     }
 }
 $containerModulesTemplate = knews_cut_code('<!--[open_insertion_container_start]-->', '<!--[close_insertion_container_start]-->', $bodyTemplate, true) . knews_cut_code('<!--[open_insertion_container_end]-->', '<!--[close_insertion_container_end]-->', $bodyTemplate, true);
 $bodyTemplate = knews_iterative_extract_code('<!--[open_ignore_code]-->', '<!--[close_ignore_code]-->', $bodyTemplate, true);
 $bodyTemplate = knews_iterative_extract_code('<!--[', ']-->', $bodyTemplate, true);
 $codeTemplate = str_replace('  ', ' ', $codeTemplate);
 $date = $Knews_plugin->get_mysql_date();
 if (!knews_is_utf8($bodyTemplate)) {
     $bodyTemplate = utf8_encode($bodyTemplate);
 }
 if (!knews_is_utf8($headTemplate)) {
     $headTemplate = utf8_encode($headTemplate);
 }
 if (!knews_is_utf8($codeModule)) {
     $codeModule = utf8_encode($codeModule);
 }
 $bodyTemplate = esc_sql($Knews_plugin->htmlentities_corrected($bodyTemplate));
 $headTemplate = esc_sql($Knews_plugin->htmlentities_corrected($headTemplate));
 $codeModule = esc_sql($Knews_plugin->htmlentities_corrected($codeModule));
 $sql = "INSERT INTO " . KNEWS_NEWSLETTERS . "(name, created, modified, template, html_mailing, html_head, html_modules, html_container, subject, lang, automated, mobile, id_mobile, newstype) VALUES ('" . $name . "', '" . $date . "', '" . $date . "','" . $template . "','" . $bodyTemplate . "','" . $headTemplate . "','" . $codeModule . "','" . $containerModulesTemplate . "','', '" . $Knews_plugin->post_safe('lang') . "', 0, " . ($mobile ? "1" : "0") . ", 0, '" . $newstype . "')";
 if ($wpdb->query($sql)) {
     $id_edit = $Knews_plugin->real_insert_id();
     //pro
     if ($mobile) {
         $sql = "UPDATE " . KNEWS_NEWSLETTERS . " SET id_mobile=" . $id_edit . ", modified='" . $date . "', newstype='" . $newstype . "' WHERE id=" . $Knews_plugin->post_safe('parent', 0, 'int');
         if ($wpdb->query($sql)) {
             //$id_parent=$wpdb->insert_id; $id_parent=mysql_insert_id(); if ($id_parent==0) $id_parent=$id_parent;
         }
     }