- addSql(SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_admins_mails` (admin_id, mail_template) VALUES ('%s','%s')",
- array($content['admin_id'], postRequestParameter('template', $id)), __FILE__, __LINE__, false));
+ addSql(sqlQueryEscaped("INSERT INTO `{?_MYSQL_PREFIX?}_admins_mails` (admin_id, mail_template) VALUES ('%s','%s')",
+ array($content['admin_id'], postRequestElement('template', $id)), __FILE__, __LINE__, FALSE));