Upload photo problem


Hi guys i have a problem with a website, i try to change some things on it, and for news page, i try to do in admin panel the option to upload image for news, like every time when you add a post in news page, to add 1 photo with.

and the guy who script this website have a strange script.

for admin panel the script its like that

[php] case ‘news’:
echo "

Te rog să foloseşti \n pentru linie nouă!

Data expirării:

An Luna Zi


in functions i have this one

[php] function add_news($title,$content,$y,$m,$d)
$title= addentities($title);
$content= addentities($content);
$y= intval(addentities($y));
$m= intval(addentities($m));
$d= intval(addentities($d));
$msg=“Noua postare trebuie să aibă un titlu.”;
}else if($content==""){
$msg=“Noua postare trebuie să aibă un conţinut!”;
}else if($y==-1 || $m==-1 || $d==-1){
$msg=“Noua postare trebuie să aibă o data de expirare!”;
}else if($y<intval(date(“Y”)) || ($y==intval(date(“Y”)) && $m<intval(date(“m”))) || ($y==intval(date(“Y”)) && $m==intval(date(“m”)) && $d<intval(date(“d”)))){
$msg=“Data expirarii nu poate fi în trecut.”;
$sql=“insert into account.kwix_news_ro (title,content,time,expire) values (’$title’,’$content’,’$now’,’$expire’)”;
$msg=“Am întampinat o problemă.Te rugăm să încerci din nou.”;
return json_encode(array(“st”=>$st,“msg”=>$msg));

[php] function get_news($ref,$_id=0)
$sql=“select * from account.kwix_news_ro where expire>’$time’ order by time desc”;
$_id= intval(addentities($_id));
$sql=“select * from account.kwix_news_ro where expire>’$time’ and id<”.$_id." order by time desc";
$_id= intval(addentities($_id));
$sql=“select * from account.kwix_news_ro where expire>’$time’ and id>”.$_id." order by time asc";
$date=date(“d/m/Y H:i”,$time);
$sql=“select * from account.kwix_news_ro where expire>’$time’ and id>=”.$_id;
$row= mysql_num_rows($rez);
if($row) $prev=1;
$sql=“select * from account.kwix_news_ro where expire>’$time’ and id>”.($id);
$row= mysql_num_rows($rez);
if($row) $prev=1;

and 1 file with name add_news.php

require ‘…/inc/functions.php’;
require ‘…/inc/config.php’;
if(isset($_GET[‘image’]) && isset($_GET[‘title’]) && isset($_GET[‘content’]) && isset($_GET[‘y’]) && isset($_GET[‘m’]) && isset($_GET[‘d’]) && is_admin()){
echo add_news($image, $title, $content, $y, $m, $d);

and get_news.php

require ‘…/inc/functions.php’;
require ‘…/inc/config.php’;
}else if(isset($_GET[‘id’]) && isset($_GET[‘next’])){
}else if(isset($_GET[‘id’]) && isset($_GET[‘prev’])){

and I really do not understand its encryption mode and how can I make a correct script without changing the old script. i’m a beginner, thanks guys :d