// Init "action" and "what"
global $what, $action;
$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
-if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
-if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
// Set module
$GLOBALS['module'] = "view"; $CSS = -1;
// Load the required file(s)
-require ("inc/config.php");
+require("inc/config.php");
if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) {
// Count banner view... we currently don't need the user's id but maybe
$VIEW = 1;
// for later things... ;-)
- $result = SQL_QUERY_ESC("SELECT url FROM "._MYSQL_PREFIX."_refbanner WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT url FROM "._MYSQL_PREFIX."_refbanner WHERE id=%s LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
list($url) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET counter=counter+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET counter=counter+1 WHERE id=%s LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
$type = substr($url, -3);
@header ("Content-Type: image/".$type);
// Free memory
SQL_FREERESULT($result);
}
- exit();
} else {
// Do nothing for now
LOAD_URL (URL."/index.php");
}
-//
+// // END - if
?>