if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
{
// Ok, add points and send an email to him...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth='0' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth=0 LIMIT 1",
array($_POST['points'], bigintval($uid)), __FILE__, __LINE__);
// Update mediadata as well
if ((isset($_POST['ok'])) && (!empty($_POST['points'])))
{
// Ok, add points and send an email to him...
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth='0' LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_points SET points=points+(%s) WHERE userid=%d AND ref_depth=0 LIMIT 1",
array($_POST['points'], bigintval($_GET['u_id'])), __FILE__, __LINE__);
// Remember points in constant