- define('__POINTS_VALUE', $_POST['points']);
- if ((isset($_POST['ok'])) && ($_POST['points'] > 0))
- {
- $result_main = SQL_QUERY("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
- while (list($uid) = SQL_FETCHROW($result_main))
- {
- // User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
- array(bigintval($uid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
- // Selected user does exist
- list($sname, $fname, $email) = SQL_FETCHROW($result);
- SQL_FREERESULT($result);