************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+if (!defined('__SECURITY'))
{
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
WHERE max_rec=clicks AND clicks>0 AND bonus_stats='N'
ORDER BY userid", __FILE__, __LINE__);
-if (SQL_NUMROWS($result_bonus) > 0)
-{
+if (SQL_NUMROWS($result_bonus) > 0) {
// Remember stats bonus in constant
define('__STATS_BONUS', TRANSLATE_COMMA($_CONFIG['bonus_stats']));
// We found some mail orders...
- while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus))
- {
+ while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus)) {
// Add points
- $result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%d LIMIT 1",
+ $result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%s LIMIT 1",
array($_CONFIG['bonus_stats'], bigintval($uid)), __FILE__, __LINE__);
// Prepare array
SEND_EMAIL($uid, BONUS_MEMBER_STATS_SUBJECT, $msg);
// Update database
- $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%d LIMIT 1",
+ $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
}