function DoSaveComment() { $this->post['name'] = JRequest::getVar('name', '', '', 'string'); $this->post['commentid'] = JRequest::getVar('commentid', '', '', 'string'); $this->post['email'] = JRequest::getVar('email', '', '', 'string'); $this->post['website'] = JRequest::getVar('website', '', '', 'string'); $this->post['body'] = JRequest::getVar('body', '', '', 'string'); $db = JFactory::getDBO(); $custom = FSTCF::Comm_StoreFields($this->customfields); $custom = serialize($custom); $qry = "UPDATE {$this->table} SET name = '" . FSTJ3Helper::getEscaped($db, $this->post['name']) . "', email = '" . FSTJ3Helper::getEscaped($db, $this->post['email']) . "', "; $qry .= "website = '" . FSTJ3Helper::getEscaped($db, $this->post['website']) . "', body = '" . FSTJ3Helper::getEscaped($db, $this->post['body']) . "', "; $qry .= "custom = '" . FSTJ3Helper::getEscaped($db, $custom) . "' WHERE id = " . FSTJ3Helper::getEscaped($db, $this->post['commentid']); $db->SetQuery($qry); $db->Query(); $this->DoShowComment(); exit; }