// Add points to all accounts
if ((isset($_POST['ok'])) && ($_POST['points'] > 0)) {
define('__POINTS_VALUE', $_POST['points']);
- $result_main = SQL_QUERY("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
+ $result_main = SQL_QUERY("SELECT userid FROM `{!MYSQL_PREFIX!}_user_data` WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
while (list($uid) = SQL_FETCHROW($result_main)) {
// Remove depth to prevent booking errors. This is a bad coding
// practice, thats also why we need to write this project from
}
} elseif (!empty($_GET['u_id'])) {
// User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!MYSQL_PREFIX!}_user_data` WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Selected user does exist