-$result = SQL_QUERY_ESC("SELECT company, position, tax_ident,
-gender, surname, family, street_nr1, street_nr2, zip, city, country,
-phone, fax, cell, email, url,
-status, receive_warnings
-FROM "._MYSQL_PREFIX."_sponsor_data
-WHERE id='%s' AND password='%s' LIMIT 1",
- array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
-if (SQL_NUMROWS($result) == 1) {
+$result = sqlQueryEscaped("SELECT
+ `id`, `company`, `position`, `tax_ident`,
+ `gender`, `surname`, `family`, `street_nr1`, `street_nr2`, `zip`, `city`, `country`,
+ `phone`, `fax`, `cell`, `email`, `url`,
+ `status`, `receive_warnings`
+FROM
+ `{?_MYSQL_PREFIX?}_sponsor_data`
+WHERE
+ `id`=%s AND
+ `password`='%s'
+LIMIT 1",
+ array(
+ bigintval(getSession('sponsor_id')),
+ getSession('sponsorpass')
+ ), __FILE__, __LINE__);
+
+// Entry found?
+if (sqlNumRows($result) == 1) {