X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fstats_bonus.php;h=2ad4a0cf4d016827cfbcd4c49b119ef0335d4707;hb=820a65d753f3103901bec03a93588044670684fa;hp=05baaceaedda6e68e6186219a63c06d2e46709ca;hpb=60494e212a67fe360bfbb481eb4928480a6f379b;p=mailer.git diff --git a/inc/stats_bonus.php b/inc/stats_bonus.php index 05baaceaed..2ad4a0cf4d 100644 --- a/inc/stats_bonus.php +++ b/inc/stats_bonus.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); @@ -44,16 +44,14 @@ FROM "._MYSQL_PREFIX."_user_stats WHERE max_rec=clicks AND clicks>0 AND bonus_stats='N' ORDER BY userid", __FILE__, __LINE__); -if (SQL_NUMROWS($result_bonus) > 0) -{ +if (SQL_NUMROWS($result_bonus) > 0) { // Remember stats bonus in constant define('__STATS_BONUS', TRANSLATE_COMMA($_CONFIG['bonus_stats'])); // We found some mail orders... - while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus)) - { + while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus)) { // Add points - $result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%d LIMIT 1", + $result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%s LIMIT 1", array($_CONFIG['bonus_stats'], bigintval($uid)), __FILE__, __LINE__); // Prepare array @@ -69,7 +67,7 @@ if (SQL_NUMROWS($result_bonus) > 0) SEND_EMAIL($uid, BONUS_MEMBER_STATS_SUBJECT, $msg); // Update database - $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%d LIMIT 1", + $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%s LIMIT 1", array(bigintval($id)), __FILE__, __LINE__); }