- $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s LIMIT 1",
- array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND sender=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__);