$value) { $_POST[$key] = $database->escape($value); } $uid = (int) $_POST['uid']; $topic = $_POST['topic']; $message = $_POST['message']; $time = time(); $query = "INSERT INTO ".TB_PREFIX."mdata (target, owner, topic, message, viewed, time) VALUES ('$uid', 1, '$topic', '$message', 0, '$time')"; mysqli_query($GLOBALS["link"], $query); header("Location: ../../../Admin/admin.php?p=Newmessage&uid=".$uid."&msg=ok"); ?>