X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmodules%2Fmember%2Fwhat-wernis.php;h=3c7a323c9a9343b716626cd57323459138cfeb84;hb=6c763653e88b9d10627e651ca59c7201d4b7d62b;hp=227d5031a0d756a2c0bcb019f3d9850b0a289498;hpb=939bce138060b727dc96764df88fbb8e4e7049c7;p=mailer.git diff --git a/inc/modules/member/what-wernis.php b/inc/modules/member/what-wernis.php index 227d5031a0..3c7a323c9a 100644 --- a/inc/modules/member/what-wernis.php +++ b/inc/modules/member/what-wernis.php @@ -38,7 +38,7 @@ if (!defined('__SECURITY')) { } elseif (!IS_MEMBER()) { // User is not logged in LOAD_URL("modules.php?module=index"); -} elseif (!EXT_IS_ACTIVE("wernis")) { +} elseif ((!EXT_IS_ACTIVE("wernis")) && (!IS_ADMIN())) { ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "wernis"); return; } @@ -63,7 +63,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) { $content['wds66_id'] = 0; // Get WDS66 id - $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); // Are there some entries? @@ -154,7 +154,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) { // Get WDS66 id $content['wds66_id'] = ""; - $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); // Are there some entries? @@ -178,7 +178,7 @@ if ((!isset($_GET['mode'])) || ($_GET['mode'] == "choose")) { WERNIS_ADD_FEES_TO_ARRAY($content); // Get WDS66 id - $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT wernis_userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1", array($GLOBALS['userid']), __FILE__, __LINE__); // Are there some entries? @@ -235,7 +235,7 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) { ADD_POINTS_REFSYSTEM("wernis_withdraw", $GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct"); // Update the user data as well.. - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1", array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__); // All done! @@ -270,7 +270,7 @@ if ((isset($_POST['ok'])) && (isset($_GET['mode']))) { SUB_POINTS("wernis_payout", $GLOBALS['userid'], $_POST['amount']); // Update WDS66 id - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET `wernis_userid`=%s WHERE userid=%s LIMIT 1", array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__); // All done!