- $result = SQL_QUERY_ESC("SELECT email, salut, surname, family FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' LIMIT 1",
- array($HTTP_GET_VARS['id']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT email, gender, surname, family FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' LIMIT 1",
+ array(bigintval($_GET['id'])), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {