- $sql = "SELECT `id`, `id`, `subject`, `text`, `url`, `timestamp`, `mails_sent` FROM `{?_MYSQL_PREFIX?}_bonus` WHERE `id`='".getRequestParameter('bid')."' LIMIT 1";
+ $sql = sprintf("SELECT
+ `id`, `id` AS `sender`, `subject`, `text`, `url`, `timestamp`, `mails_sent` AS `max_rec`
+FROM
+ `{?_MYSQL_PREFIX?}_bonus`
+WHERE
+ `id`=%s
+LIMIT 1",
+ bigintval(getRequestParameter('bid'))
+ );
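Review bot: The `%s` placeholder in the new format string leaves the injection guard resting entirely on `bigintval()` returning a numeric value (which its name suggests, but the helper is not visible here); a `%d` conversion pins the interpolated value to an integer at the sprintf level, so `\`id\`=%d` would be the safer spelling and costs nothing if `bigintval()` already does that. The dropped quotes around the value are fine for an integer but would be wrong if `bigintval()` could return an empty string, so this deserves a check of that helper's contract. `\`id\`` is selected twice, once bare and once `AS \`sender\``; if this is deliberate a short comment such as `// bonus mails use their own id as the sender id` would save the next reader from treating it as a typo. The enclosing function and the `@@` header lie outside this hunk, so the surrounding query handling could not be reviewed.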