It essentially 'empties' the supposed to be modifed table entry (the only thing left is the name), and creates a new entry with the updated information.
That sounds impossible, since control can only take one of the paths: update an existing row, or insert a new row. Could it be that this portion of code is somehow run twice, once with $_POST['StoryID'] blank and another with it containing some value?
Incidentally, you might want to avoid potential SQL injection attacks with say:
if (isset($_POST['titletxt'], $_POST['texttxt'], $_POST['datetxt']))
{
$title = mysql_real_escape_string($_POST['titletxt']);
$story = mysql_real_escape_string($_POST['texttxt']);
$time = mysql_real_escape_string($_POST['datetxt']);
$sql = '';
if (isset($_POST['StoryID']))
{
// Update.
$id = (int)$_POST['StoryID'];
$sql = "update news
set title = '$title',
story = '$story',
date = '$time'
where id = $id";
}
elseif (isset($_POST['authortxt']))
{
// New story.
$author = mysql_real_escape_string($_POST['authortxt']);
$sql = "insert into news
(title, author, date, story)
values
('$title', '$author', '$time', '$story')";
}
else
{
// author information left blank for a new entry
}
if ($sql != '')
{
$result = mysql_query($sql) or die (mysql_error());
}
}
else
{
// required information left blank
}
