$_POST['refid'] = 0;
if ($GLOBALS['refid'] > 0) {
// Test if the refid is valid
- $result = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
// Userid found?
// Check for IP timeout?
if ($_CONFIG['ip_timeout'] > 0) {
// Check his IP number
- $result = SQL_QUERY_ESC("SELECT joined, last_update FROM "._MYSQL_PREFIX."_user_data WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT joined, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
array(GET_REMOTE_ADDR(), $_CONFIG['ip_timeout'], $_CONFIG['ip_timeout']), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Same IP in timeout range and different email address entered... Eat this, faker! ;-)
// Create user's account... //
//////////////////////////////
//
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_data (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
+ $result = SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
array(
$countryRow,