// Order number placed, is he also logged in?
if (IS_MEMBER()) {
// Ok, test passed... :)
- $result = SQL_QUERY_ESC("SELECT subject, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT subject, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE `id`=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
array(bigintval(REQUEST_GET('order')), getUserId()), __FILE__, __LINE__);
// Finally is the entry valid?
$mode = 'member';
} else {
// Matching line not found!
- LOAD_URL('modules.php?module=index&what=login');
+ redirectToUrl('modules.php?module=index&what=login');
}
// Free memory
SQL_FREERESULT($result);
} else {
// He is no longer logged in
- LOAD_URL('modules.php?module=index&what=login');
+ redirectToUrl('modules.php?module=index&what=login');
}
}
}
} else {
// Go away...
- LOAD_URL('modules.php?module=login');
+ redirectToUrl('modules.php?module=login');
}
//
?>