$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
- elseif (!IS_LOGGED_IN())
+ elseif (!IS_MEMBER())
{
LOAD_URL("modules.php?module=index");
}
ADD_DESCR("member", basename(__FILE__));
// Load status
-$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
list($status, $until, $span) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ((isset($_POST['ok'])) && ($status == "Y") && ($span == "0"))
{
// Save request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".(ONE_DAY * 30)."' WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".(ONE_DAY * 30)."' WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load admin message