if ((!empty($_GET['id'])) && (!empty($_GET['mode']))) {
// Check for selected sponsor
- $result = SQL_QUERY_ESC("SELECT company, position, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM `"._MYSQL_PREFIX."_sponsor_data` WHERE id='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT company, position, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM `{!MYSQL_PREFIX!}_sponsor_data` WHERE id='%s' LIMIT 1",
array(bigintval($_GET['id'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load sponsor details
$POINTS = strval(REVERT_COMMA($_POST['points']));
// Add points to account
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET points_amount=points_amount+%s WHERE id='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET points_amount=points_amount+%s WHERE id='%s' LIMIT 1",
array($POINTS, bigintval($_GET['id'])), __FILE__, __LINE__);
// Remember points /reason for the template
$POINTS = strval(REVERT_COMMA($_POST['points']));
// Add points to account
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET points_used=points_used+%s WHERE id='%s' LIMIT 1",
+ SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_sponsor_data` SET points_used=points_used+%s WHERE id='%s' LIMIT 1",
array($POINTS, bigintval($_GET['id'])), __FILE__, __LINE__);
// Remember points /reason for the template
projects / mailer.git / blobdiff