// Enough points are left so let's continue with the doubling process
// Create doubling "account" width *DOUBLED* points
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s','%s','%s','".detectRemoteAddr()."', UNIX_TIMESTAMP(), 'N','N')",
- array(getUserData('userid'), determineReferalId(), bigintval(postRequestParameter('points') * 2)), __FILE__, __LINE__);
+ array(
+ getUserData('userid'),
+ makeDatabaseUserId(determineReferalId()),
+ bigintval(postRequestParameter('points') * 2)
+ ), __FILE__, __LINE__);
// Subtract entered points
subtractPoints('doubler', getUserData('userid'), postRequestParameter('points'));
// Okay add a refid line and apply refid percents
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_doubler` (`userid`, `refid`, `points`, `remote_ip`, `timemark`, `completed`, `is_ref`) VALUES ('%s',0,'%s','".detectRemoteAddr()."',UNIX_TIMESTAMP(),'N','Y')",
array(
- determineReferalId(),
+ makeDatabaseUserId(determineReferalId()),
bigintval(postRequestParameter('points') * 2 * getConfig('doubler_ref') / 100)
), __FILE__, __LINE__);
return $field;
}
+// Converts a userid so it can be used in SQL queries
+function makeDatabaseUserId ($userid) {
+ // Is it a valid username?
+ if (isValidUserId($userid)) {
+ // Always secure it
+ $userid = bigintval($userid);
+ } else {
+ // Is not valid or zero
+ $userid = 'NULL';
+ }
+
+ // Return it
+ return $userid;
+}
+
//////////////////////////////////////////////////
// AUTOMATICALLY RE-GENERATED MISSING FUNCTIONS //
//////////////////////////////////////////////////
projects / mailer.git / commitdiff