array($user), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Ok, let's create the admin login
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES('%s', '%s', '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins (login, password, email) VALUES ('%s', '%s', '%s')",
array($user, $md5, $email), __FILE__, __LINE__);
$ret = "done";
} else {
$VALUEs = implode(", ", $VALUEs);
// Generate SQL string
- $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES(".$VALUEs.")";
+ $SQL = "INSERT INTO "._MYSQL_PREFIX.$tableName." (".$KEYs.") VALUES (".$VALUEs.")";
}
// Free memory
// Is the raw userid set?
if ($_POST['uid_raw'][$id] > 0) {
// Generate subject
- $eval = "\$subjectLine = MEMBER_".$subject."_".strtoupper($table)."_SUBJECT;";
- eval($eval);
+ $subjectLine = constant('MEMBER_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
// Load email template
if (!empty($subjectPart)) {
} // END - if
// Generate subject
- $eval = "\$subjectLine = ADMIN_".$subject."_".strtoupper($table)."_SUBJECT;";
- eval($eval);
+ $subjectLine = constant('ADMIN_'.strtoupper($subject).'_'.strtoupper($table).'_SUBJECT');
// Send admin notification out
if (!empty($subjectPart)) {