elseif($action=="save") {
include("_mysql.php");
include("_settings.php");
include("_functions.php");
if(!isnewsadmin($userID)) die('No
access.');
$newsID = $_POST['newsID'];
$save = $_POST['save'];
$preview = $_POST['preview'];
$rubric = $_POST['rubric'];
$lang1 = $_POST['lang1'];
$headline1 = $_POST['headline1'];
$message = $_POST['message'];
$lang2 = $_POST['lang2'];
$headline2 = $_POST['headline2'];
$content2 = $_POST['content2'];
$link1 = $_POST['link1'];
$url1 = $_POST['url1'];
$window1 = $_POST['window1'];
$link2 = $_POST['link2'];
$url2 = $_POST['url2'];
$window2 = $_POST['window2'];
$link3 = $_POST['link3'];
$url3 = $_POST['url3'];
$window3 = $_POST['window3'];
$link4 = $_POST['link4'];
$url4 = $_POST['url4'];
$window4 = $_POST['window4'];
$intern = $_POST['intern'];
$comments = $_POST['comments'];
safe_query("UPDATE ".PREFIX."news SET rubric='$rubric',
lang1='$lang1',
headline1='".mysql_escape_string($headline1)."',
content1='".mysql_escape_string($message)."',
lang2='$lang2',
headline2='".mysql_escape_string($headline2)."',
content2='".mysql_escape_string($content2)."',
link1='$link1',
url1='$url1',
window1='$window1',
link2='$link2',
url2='$url2',
window2='$window2',
link3='$link3',
url3='$url3',
window3='$window3',
link4='$link4',
url4='$url4',
window4='$window4',
saved='1',
intern='$intern',
comments='$comments' WHERE newsID='$newsID'");
// löschen der einträge die älter als 1 stunde sind und keinen text enthalten
$ergebnis=safe_query("SELECT * FROM ".PREFIX."news WHERE headline1='' OR content1=''");
while($ds=mysql_fetch_array($ergebnis)) {
if((time()-$ds[date]) > (60*60)) safe_query("DELETE FROM ".PREFIX."news WHERE newsID='$ds[newsID]'");
}
if($_POST['topnews']) safe_query("UPDATE ".PREFIX."settings SET topnewsID='$newsID'");
if($save) echo'<body onLoad="window.close()"></body>';
if($preview) header("Location: news.php?action=preview&newsID=$newsID");
}