// Add points to all accounts
define('__POINTS_VALUE', $_POST['points']);
if ((isset($_POST['ok'])) && ($_POST['points'] > 0)) {
- $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE status='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
+ $result_main = SQL_QUERY("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE `status`='CONFIRMED' ORDER BY userid", __FILE__, __LINE__);
while (list($uid) = SQL_FETCHROW($result_main)) {
// User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
array(bigintval($uid)), __FILE__, __LINE__);
// Entry found?
}
} elseif (!empty($_GET['u_id'])) {
// User ID found in URL so we use this give him some credits
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s AND `status`='CONFIRMED' LIMIT 1",
array(bigintval($_GET['u_id'])),__FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Selected user does exist
projects / mailer.git / blobdiff