- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
- array(
- $GLOBALS['userid'],
- bigintval($_POST['payout']),
- bigintval($_POST['account']),
- $_POST['bank'],
- bigintval($_GET['payout']),
- $_POST['pass']
-), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_payouts` (`userid`, `payout_total`, `target_account`, `target_bank`, `payout_id`, `payout_timestamp`, `status`, `password`)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
+ array(
+ getMemberId(),
+ bigintval(postRequestElement('payout')),
+ bigintval(postRequestElement('account')),
+ postRequestElement('bank'),
+ bigintval(getRequestElement('payout')),
+ postRequestElement('pass')
+ ), __FILE__, __LINE__);