@mention和文本或没有@mention和文本

I'm having a little issue with my php file and wondering if somebody can take a look. If I update with an @mention and some text with the php below it will update the database and output the ajax. If it doesn't have an @mention and just text, it outputs nothing. How can I rectify the code to do both.

They are both contained with $_POST['newmsg'];

I have yet to escape my variables to prevent SQL injection.

PHP:

<?php
   error_reporting(E_ALL); ini_set('display_errors', 1);
   error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
   session_start();
   require_once "rawfeeds_load.php";
   include_once "include/functions.youtube.php";
?>
<?
   if(isset($_SESSION['id'])){
     $user1_id=mysqli_real_escape_string($mysqli,$_SESSION['id']);
     if(isset($_POST['toid'])){
      if($_POST['toid']==""){$_POST['toid']=$_SESSION['id'];}
       if(isset($_POST['newmsg'])&& isset($_POST['toid'])&& isset($_POST['privacy'])&& isset($_POST['red'])){
          $_POST['newmsg']=str_replace('@'.$_POST['red'].'','<a href="profile.php?username='.$_POST['red'].'">'.$_POST['red'].'</a>', $_POST['newmsg']);
          $date=date('y:m:d H:i:s');
            if($_POST['toid']==$_SESSION['id']){
                rawfeeds_user_core::create_streamitem("1",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
            }else{
                rawfeeds_user_core::create_streamitem("3",mysqli_real_escape_string($mysqli,$_SESSION['id']),mysqli_real_escape_string($mysqli,$_POST['newmsg']),mysqli_real_escape_string($mysqli,$_POST['privacy']),mysqli_real_escape_string($mysqli,$_POST['toid']),mysqli_real_escape_string($mysqli,$date));
            }
        }
    }

PHP USER_CORE

 public function create_streamitem($typeid,$creatorid,$content,$ispublic,$targetuser,$date){
      global $mysqli;
        $content = $content;
  //    $content =  strip_tags($content);

        if(strlen($content)>0){
           $date=date('y:m:d H:i:s');
          $insert = "INSERT INTO streamdata(streamitem_type_id,streamitem_creator,streamitem_target,streamitem_timestamp,streamitem_content,streamitem_public) VALUES ($typeid,$creatorid,$targetuser,'$date','$content',$ispublic)";
        $add_post = mysqli_query($mysqli,$insert) or die(mysqli_error($mysqli));
        $last_id  = mysqli_insert_id($mysqli); 
            if(!($creatorid==$targetuser)){
                $fromuser=rawfeeds_user_core::getuser($creatorid);
                rawfeeds_user_core::add_notification(2,$_POST['toid'],$fromuser['id'],$fromuser['fullname']." posted a status on your wall","../singlepoststreamitem.php?sid=$last_id");
                $_SESSION['id']==$content;
        }       
        return;
        }else{
            return false;
        }           
}

AJAX

$("form#myforms").submit(function(event) {
    event.preventDefault();
    var content = $(this).children("#toid").val();
    var newmsg= $(this).children("#newmsg").text();
    var username = $(".red").attr("href");
    var privacy = $("#privacy").val();

    $.ajax({
      type: "POST",
      url: "insert.php",
      cache: false,
      dataType: "json",
      data: { toid: content, newmsg: newmsg, privacy: privacy, red: username }, 
      success: function(response){