- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
- array(bigintval(postRequestParameter('to_userid')), getMemberId(), bigintval(postRequestParameter('points')), postRequestParameter('reason'), $content['trans_id']), __FILE__, __LINE__);
- SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
- array(getMemberId(), bigintval(postRequestParameter('to_userid')), bigintval(postRequestParameter('points')), postRequestParameter('reason'), $content['trans_id']), __FILE__, __LINE__);
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_in` (`userid`, `from_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+ array(
+ bigintval(postRequestElement('to_userid')),
+ getMemberId(),
+ bigintval(postRequestElement('points')),
+ postRequestElement('reason'),
+ $content['trans_id']
+ ), __FILE__, __LINE__);
+ sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_user_transfers_out` (`userid`, `to_userid`, `points`, `reason`, `time_trans`, `trans_id`) VALUES (%s,%s,%s,'%s', UNIX_TIMESTAMP(),%s)",
+ array(
+ getMemberId(),
+ bigintval(postRequestElement('to_userid')),
+ bigintval(postRequestElement('points')),
+ postRequestElement('reason'),
+ $content['trans_id']
+ ), __FILE__, __LINE__);