$value) { $_POST[$key] = $database->escape($value); } $uid = (int) $_POST['uid']; $topic = $_POST['topic']; $message = $_POST['message']; $time = time(); $query = "INSERT INTO ".TB_PREFIX."mdata SET target = $uid, owner = 1, topic = '$topic', message = '$message', viewed = 0, archived = 0, send = 0, time = $time, deltarget = 0, delowner = 0, alliance = 0, player = 0, coor = 0, report = 0"; mysqli_query($GLOBALS["link"], $query) OR DIE (mysqli_errno($GLOBALS["link"])); header("Location: ../../../Admin/admin.php?p=Newmessage&uid=".$uid."&msg=ok"); ?>