- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array(bigintval(postRequestElement('to_userid')), getMemberId(), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array(getMemberId(), bigintval(postRequestElement('to_userid')), bigintval(postRequestElement('points')), postRequestElement('reason'), $content['trans_id']), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`,`from_userid`,`points`,`reason`,`time_trans`,`trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+ array(
+ bigintval(postRequestParameter('to_userid')),
+ getMemberId(),
+ bigintval(postRequestParameter('points')),
+ postRequestParameter('reason'),
+ $content['trans_id']
+ ), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`,`to_userid`,`points`,`reason`,`time_trans`,`trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+ array(
+ getMemberId(),
+ bigintval(postRequestParameter('to_userid')),
+ bigintval(postRequestParameter('points')),
+ postRequestParameter('reason'),
+ $content['trans_id']
+ ), __FILE__, __LINE__);