- $result = SQL_QUERY_ESC("SELECT salut, surname, family, email, status FROM "._MYSQL_PREFIX."_sponsor_data WHERE id='%s' LIMIT 1",
- array($HTTP_GET_VARS['id']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT gender, surname, family, email, status FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE `id`='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {