All database names are now 'back-ticked' and constant _MYSQL_PREFIX is wrapped. Partl...

[mailer.git] / inc / modules / admin / what-list_sponsor_pay.php

diff --git a/inc/modules/admin/what-list_sponsor_pay.php b/inc/modules/admin/what-list_sponsor_pay.php
index 7d6cace8eaca5da219af01b5b00aab2deae47619..a274160dea49e1226071baff364b778bb8369d6e 100644 (file)
--- a/inc/modules/admin/what-list_sponsor_pay.php
+++ b/inc/modules/admin/what-list_sponsor_pay.php
@@ -64,7 +64,7 @@ if (isset($_POST['add'])) {
                        $id = bigintval($id);
 
                        // Save entry
-                       SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_paytypes`
+                       SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_sponsor_paytypes`
 SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE id='%s' LIMIT 1",
  array($_POST['name'][$id], $_POST['rate'][$id], bigintval($_POST['min'][$id]), $_POST['curr'][$id], $id),
  __FILE__, __LINE__);
@@ -76,7 +76,7 @@ SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE id
                // Remove entries here...
                foreach ($_POST['id'] as $id => $sel) {
                        // Remove entry
-                       SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_sponsor_paytypes` WHERE id='%s' LIMIT 1",
+                       SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!MYSQL_PREFIX!}_sponsor_paytypes` WHERE id='%s' LIMIT 1",
                                array(bigintval($id)), __FILE__, __LINE__);
                }
 
@@ -93,11 +93,11 @@ SET pay_name='%s', pay_rate='%s', pay_min_count='%s', pay_currency='%s' WHERE id
 
 if (isset($_POST['add'])) {
        // Check if entry with same name does exists
-       $result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_sponsor_paytypes` WHERE pay_name='%s' LIMIT 1",
+       $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_sponsor_paytypes` WHERE pay_name='%s' LIMIT 1",
         array($_POST['pay_name']), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 0) {
                // No entry found so add this line
-               SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_sponsor_paytypes` (pay_name, pay_rate, pay_min_count, pay_currency)
+               SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_sponsor_paytypes` (pay_name, pay_rate, pay_min_count, pay_currency)
  VALUES ('%s','%s','%s','%s')",
  array(htmlspecialchars($_POST['pay_name']), REVERT_COMMA($_POST['pay_rate']), bigintval($_POST['pay_min_count']), htmlspecialchars($_POST['pay_currency'])),
  __FILE__, __LINE__);
@@ -120,7 +120,7 @@ if (isset($_POST['add'])) {
        $OUT = ""; $SW = 2;
        foreach ($_POST['id'] as $id => $sel) {
                // Load entry
-               $result = SQL_QUERY_ESC("SELECT pay_name, pay_rate, pay_min_count, pay_currency FROM `"._MYSQL_PREFIX."_sponsor_paytypes` WHERE id='%s' LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT pay_name, pay_rate, pay_min_count, pay_currency FROM `{!MYSQL_PREFIX!}_sponsor_paytypes` WHERE id='%s' LIMIT 1",
                 array(bigintval($id)), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1) {
                        // Load data
@@ -166,7 +166,7 @@ if (isset($_POST['add'])) {
        }
 } else {
        // Load all payment types
-       $result = SQL_QUERY("SELECT id, pay_name, pay_rate, pay_min_count, pay_currency FROM `"._MYSQL_PREFIX."_sponsor_paytypes` ORDER BY pay_name",
+       $result = SQL_QUERY("SELECT id, pay_name, pay_rate, pay_min_count, pay_currency FROM `{!MYSQL_PREFIX!}_sponsor_paytypes` ORDER BY pay_name",
         __FILE__, __LINE__);
 
        // Do we have some paytypes setup?