// Order number placed, is he also logged in?
if (isMember()) {
// Ok, test passed... :)
- $result = SQL_QUERY_ESC("SELECT `subject`, `url` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT `url` FROM `{?_MYSQL_PREFIX?}_pool` WHERE `id`=%s AND `sender`=%s AND `data_type`='TEMP' LIMIT 1",
array(bigintval(getRequestElement('order')), getMemberId()), __FILE__, __LINE__);
// Finally is the entry valid?
if (SQL_NUMROWS($result) == 1) {
// Load subject and URL (but forwhat do we need the subject line here???
- list($sub, $url) = SQL_FETCHROW($result);
+ list($url) = SQL_FETCHROW($result);
// This fixes a white page
setPostRequestElement('url', $url);