$ret = true;
foreach ($array as $key => $value) {
// Check all fields that must register
- $result = SQL_QUERY("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='".$key."' AND `field_required`='Y' LIMIT 1",
- __FUNCTION__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='%s' AND `field_required`='Y' LIMIT 1",
+ array($key), __FUNCTION__, __LINE__);
+
+ // Entry found?
if (SQL_NUMROWS($result) == 1) {
// Check if extension country is not found (you have to enter the 2-chars long country code) or
// if extensions is present check if country code was selected
bigintval(postRequestParameter('refid')),
$hash,
detectRemoteAddr(),
- ), __FILE__, __LINE__);
+ ), __FUNCTION__, __LINE__);
// Get his userid
$userid = bigintval(SQL_INSERTID());
// @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete
// @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable
$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1",
- array($userid), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == '0') {
+ array($userid), __FUNCTION__, __LINE__);
+ if (SQL_HASZERONUMS($result)) {
// Add only when the line was not found (maybe some more secure?)
$locked = 'points';
if (getConfig('ref_payout') > 0) $locked = 'locked_points';
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `%s`) VALUES (%s,0,'{?points_register?}')",
- array($locked, $userid), __FILE__, __LINE__);
+ array($locked, $userid), __FUNCTION__, __LINE__);
// Update mediadata as well
if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) {
if ($joined == 'Y') {
// Insert category entry
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)",
- array($userid, bigintval($cat)), __FILE__, __LINE__);
+ array($userid, bigintval($cat)), __FUNCTION__, __LINE__);
} // END - if
} // END - foreach
} // END - if