- $result = SQL_QUERY_ESC("SELECT id, status, gender, surname, family,
-company, position, tax_ident,
-street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
-points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
-LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT
+ `id`,`status`,`gender`,`surname`,`family`,
+ `company`,`position`,`tax_ident`,
+ `street_nr1`,`street_nr2`,`country`,`zip`,`city`,`email`,`phone`,`fax`,`cell`,
+ `points_amount` AS `points`,`last_payment`,`last_currency`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `hash`='%s' AND (
+ `status`='UNCONFIRMED' OR
+ `status`='EMAIL'
+ )
+LIMIT 1", array(getRequestElement('hash')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {