X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fstats_bonus.php;h=2ad4a0cf4d016827cfbcd4c49b119ef0335d4707;hb=cd85b0c3073573f83610b0b8b5f0b1aa90a855fa;hp=f7d664e96345084bf65339a59be741da50f17ecf;hpb=d0ab0382dd73638f0bc13a1a3d6f117ec11a203e;p=mailer.git

diff --git a/inc/stats_bonus.php b/inc/stats_bonus.php
index f7d664e963..2ad4a0cf4d 100644
--- a/inc/stats_bonus.php
+++ b/inc/stats_bonus.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+if (!defined('__SECURITY'))
 {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
@@ -44,17 +44,15 @@ FROM "._MYSQL_PREFIX."_user_stats
 WHERE max_rec=clicks AND clicks>0 AND bonus_stats='N'
 ORDER BY userid", __FILE__, __LINE__);
 
-if (SQL_NUMROWS($result_bonus) > 0)
-{
+if (SQL_NUMROWS($result_bonus) > 0) {
 	// Remember stats bonus in constant
-	define('__STATS_BONUS', TRANSLATE_COMMA($CONFIG['bonus_stats']));
+	define('__STATS_BONUS', TRANSLATE_COMMA($_CONFIG['bonus_stats']));
 
 	// We found some mail orders...
-	while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus))
-	{
+	while(list($id, $uid, $subj, $stamp, $clicks, $url) = SQL_FETCHROW($result_bonus)) {
 		// Add points
-		$result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%d LIMIT 1",
-		 array($CONFIG['bonus_stats'], bigintval($uid)), __FILE__, __LINE__);
+		$result_points = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET bonus_stats=bonus_stats+%s WHERE userid=%s LIMIT 1",
+		 array($_CONFIG['bonus_stats'], bigintval($uid)), __FILE__, __LINE__);
 
 		// Prepare array
 		$content = array(
@@ -69,12 +67,12 @@ if (SQL_NUMROWS($result_bonus) > 0)
 		SEND_EMAIL($uid, BONUS_MEMBER_STATS_SUBJECT, $msg);
 
 		// Update database
-		$result_update =  SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%d LIMIT 1",
+		$result_update =  SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_stats SET bonus_stats='Y' WHERE id=%s LIMIT 1",
 		 array(bigintval($id)), __FILE__, __LINE__);
 	}
 
 	// Handle bonus points
-	BONUS_POINTS_HANDLER($CONFIG['bonus_stats']);
+	BONUS_POINTS_HANDLER($_CONFIG['bonus_stats']);
 }
 
 // Free memory