if (!empty($_GET['u_id'])) {
// Check if the user already exists
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
// Is there an entry?
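Review bot: With the placeholder changed from `%d` to `%s`, `WHERE userid=%s` is still unquoted, so the query is injection-safe only while `bigintval()` returns nothing but digits. Whatever string escaping `SQL_QUERY_ESC` applies (its body is not visible here) would not protect an unquoted numeric position. The `%d` to `%s` switch is presumably meant to stop large ids being truncated by integer formatting, and that reason is worth a comment above the call, e.g. `// %s on purpose: bigintval() yields a digits-only string; never pass an unwrapped value to an unquoted placeholder`. The same applies to the other changed queries below (`_user_links`, `_user_stats`, `_bonus`). The enclosing `if` block continues outside the hunk.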
// Grab user's all unconfirmed mails
if (EXT_IS_ACTIVE("bonus")) {
// Load bonus ID
- $result = SQL_QUERY_ESC("SELECT stats_id, bonus_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%d ORDER BY id",
+ $result = SQL_QUERY_ESC("SELECT stats_id, bonus_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s ORDER BY id",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
} else {
// Load stats ID (2nd will be ignored later! But it is needed for the same fetchrow command)
- $result = SQL_QUERY_ESC("SELECT stats_id, stats_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%d ORDER BY id",
+ $result = SQL_QUERY_ESC("SELECT stats_id, stats_id, link_type FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s ORDER BY id",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
}
// Some unconfirmed mails left
if ($_GET['del'] == "all") {
// Delete all unconfirmed mails by this user
- $result_del = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE userid=%d LIMIT %s",
+ $result_del = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_links WHERE userid=%s LIMIT %s",
array(bigintval($_GET['u_id']), $nums), __FILE__, __LINE__);
// Prepare mail and send it away
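Review bot: In the `DELETE LOW_PRIORITY ... WHERE userid=%s LIMIT %s` call, `$nums` is passed without `bigintval()` while the user id next to it is wrapped. Where `$nums` is assigned is not visible in this hunk, but an unquoted `LIMIT %s` gets no protection from string escaping, so wrap it too: `array(bigintval($_GET['u_id']), bigintval($nums)), __FILE__, __LINE__);`. Separately, the delete is triggered by the loose comparison `$_GET['del'] == "all"`, which reads an index that may be unset; `isset($_GET['del']) && $_GET['del'] === "all"` is safer. A state-changing action like this would normally require a POST with an anti-CSRF token; whether such a check happens earlier cannot be seen from here.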
switch ($type)
{
case "NORMAL":
- $result_data = SQL_QUERY_ESC("SELECT subject, timestamp_ordered, cat_id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%d LIMIT 1",
+ $result_data = SQL_QUERY_ESC("SELECT subject, timestamp_ordered, cat_id FROM "._MYSQL_PREFIX."_user_stats WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
$type = "mailid"; $DATA = $id; $PROBLEM = NORMAL_MAIL_PROBLEM;
$LINK = "<A href=\"".URL."/mailid.php?uid=".$_GET['u_id']."&mailid=".$id."\" target=\"_blank\">".$id."</A>";
break;
case "BONUS":
- $result_data = SQL_QUERY_ESC("SELECT subject, timestamp, cat_id FROM "._MYSQL_PREFIX."_bonus WHERE id=%d LIMIT 1",
+ $result_data = SQL_QUERY_ESC("SELECT subject, timestamp, cat_id FROM "._MYSQL_PREFIX."_bonus WHERE id=%s LIMIT 1",
array(bigintval($id2)), __FILE__, __LINE__);
$type = "bonusid"; $DATA = $id2; $PROBLEM = BONUS_MAIL_PROBLEM;
$LINK = "<A href=\"".URL."/mailid.php?uid=".$_GET['u_id']."&bonusid=".$id2."\" target=\"_blank\">".$id2."</A>";
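Review bot: Both `$LINK` assignments (`case "NORMAL"` and `case "BONUS"`) concatenate the raw `$_GET['u_id']` into the `href`, even though the same value goes through `bigintval()` for the queries. A request value containing quotes or markup would therefore be written into the page unescaped. Use the sanitized value in the link as well, e.g. `"/mailid.php?uid=".bigintval($_GET['u_id'])."&mailid=".$id`, and likewise in the `bonusid` link. `$id` and `$id2` are also emitted unescaped; they appear to come from the `_user_links` rows rather than the request, so the risk is lower, but wrapping them in `bigintval()` on output would make that explicit. The `switch` continues outside the hunk.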