if (!empty($_GET['mid'])) {
// Load email data
- $result = SQL_QUERY_ESC("SELECT id, sender, subject, url, timestamp, payment_id FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id, sender, subject, url, timestamp, payment_id FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
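Review bot: With `%s` replacing `%d` in `WHERE id=%s`, the value is placed into the statement unquoted and the format string no longer coerces it to an integer, so the only thing keeping it numeric is `bigintval()`. Its body and SQL_QUERY_ESC's escaping are not visible here, and string escaping would presumably not help in an unquoted numeric position. The same applies to the eight other queries changed on this page (`_pool`, `_user_stats`, `_user_links`, `_bonus`). I would record the dependency at the first call, e.g. `// %s instead of %d: the id is inserted unquoted, bigintval() must return digits only`. It is also worth confirming that `bigintval()` cannot return an empty string for non-numeric input, since `!empty($_GET['mid'])` only checks the raw value and the query would then read `WHERE id= LIMIT 1`.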
// Delete mail only once
SEND_EMAIL($sender, MEMBER_ORDER_DELETED, $msg_user);
// Delete mail from queue
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
// Fetch right stats_id from pool
$result = SQL_QUERY_ESC("SELECT s.id FROM "._MYSQL_PREFIX."_user_stats AS s
LEFT JOIN "._MYSQL_PREFIX."_pool AS p
ON s.pool_id=p.id
-WHERE s.pool_id=%d LIMIT 1",
+WHERE s.pool_id=%s LIMIT 1",
array(bigintval($_GET['mid'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Fetch stats id
SQL_FREERESULT($result);
// Get all user links
- $result = SQL_QUERY_ESC("SELECT COUNT(id) AS 'cnt' FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d",
+ $result = SQL_QUERY_ESC("SELECT COUNT(id) AS 'cnt' FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s",
array(bigintval($stats_id)), __FILE__, __LINE__);
// Get unconfirmed links for calculation of total points
}
// Remove links from DB
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE stats_id=%s",
array(bigintval($stats_id)), __FILE__, __LINE__);
// Output link for manually removing stats entry
}
} elseif (!empty($_GET['pid'])) {
// Remove stats entries
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_stats WHERE pool_id=%s LIMIT 1",
array(bigintval($_GET['pid'])), __FILE__, __LINE__);
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_USER_STATS_REMOVED);
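Review bot: The `pid` branch runs `DELETE ... FROM _user_stats` directly from `$_GET['pid']`, and the `mid` and `bid` branches do the same for `_pool`, `_bonus` and `_user_links`, with no request-method or anti-CSRF token check visible in these hunks. The if/elseif chain starts and ends outside the visible lines, so such a check may exist elsewhere. If it does not, any GET request carrying the admin's session is enough to delete rows. I would move the destructive actions behind POST and verify a per-session token with `hash_equals()` before the first DELETE in each branch.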
} elseif ((!empty($_GET['bid'])) && (EXT_IS_ACTIVE("bonus"))) {
// Load data from bonus mail
- $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM "._MYSQL_PREFIX."_bonus WHERE id=%d",
+ $result = SQL_QUERY_ESC("SELECT id, subject, url, timestamp FROM "._MYSQL_PREFIX."_bonus WHERE id=%s",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
// Delete mail only once
SQL_FREERESULT($result);
// Delete bonus mail entirely from database
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%d",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE bonus_id=%s",
array(bigintval($_GET['bid'])), __FILE__, __LINE__);
// Prepare data for the template