More bugs resolved, thanks to profi-concept

[mailer.git] / inc / modules / guest / what-sponsor_login.php

diff --git a/inc/modules/guest/what-sponsor_login.php b/inc/modules/guest/what-sponsor_login.php
index c175a55b8b59b477fbb426993662d2b94635b12c..b81d0b51b01e61f4b80d1f4289e5d116a36f3913 100644 (file)
--- a/inc/modules/guest/what-sponsor_login.php
+++ b/inc/modules/guest/what-sponsor_login.php
@@ -63,7 +63,7 @@ if (!empty($_GET['hash'])) {
 company, position, tax_ident,
 street_nr1, street_nr2, country, zip, city, email, phone, fax, cell,
 points_amount AS points, last_pay AS pay, last_curr AS curr
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE hash='%s' AND (status='UNCONFIRMED' OR status='EMAIL')
 LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {
@@ -78,7 +78,7 @@ LIMIT 1", array($_GET['hash']), __FILE__, __LINE__);
                // Unconfirmed account or changed email address?
                if ($SPONSOR['status'] == "UNCONFIRMED") {
                        // Set account to pending
-                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='PENDING'
+                       SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='PENDING'
 WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -99,7 +99,7 @@ WHERE id='%s' AND hash='%s' AND status='UNCONFIRMED' LIMIT 1",
                        }
                } elseif ($SPONSOR['status'] == "EMAIL") {
                        // Changed email adress need to be confirmed
-                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET status='CONFIRMED'
+                       SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET status='CONFIRMED'
 WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
  array(bigintval($SPONSOR['id']), $_GET['hash']), __FILE__, __LINE__);
 
@@ -132,7 +132,7 @@ WHERE id='%s' AND hash='%s' AND status='EMAIL' LIMIT 1",
        if (isset($_POST['ok'])) {
                // Check email
                $result = SQL_QUERY_ESC("SELECT id, hash, status, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
                        array($_POST['email']), __FILE__, __LINE__);
 
@@ -178,7 +178,7 @@ WHERE email='%s' AND (status='UNCONFIRMED' OR status='EMAIL') LIMIT 1",
        if (isset($_POST['ok'])) {
                // Check email
                $result = SQL_QUERY_ESC("SELECT id, hash, remote_addr, gender, surname, family, sponsor_created
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
                        array($_POST['email'], bigintval($_POST['id'])), __FILE__, __LINE__);
                // Entry found?
@@ -198,7 +198,7 @@ WHERE email='%s' AND id='%s' AND status='CONFIRMED' LIMIT 1",
                        SEND_EMAIL($_POST['email'], SPONSOR_LOST_PASSWORD_SUBJ, $msg_sponsor);
 
                        // Update password
-                       SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_sponsor_data SET password='%s'
+                       SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_sponsor_data` SET password='%s'
 WHERE id='%s' LIMIT 1",
  array(md5($SPONSOR['password']), bigintval($SPONSOR['id'])), __FILE__, __LINE__);
 
@@ -217,7 +217,7 @@ WHERE id='%s' LIMIT 1",
        }
 } elseif (isset($_POST['ok'])) {
        // Check status and login data ...
-       $result = SQL_QUERY_ESC("SELECT status FROM "._MYSQL_PREFIX."_sponsor_data
+       $result = SQL_QUERY_ESC("SELECT status FROM `"._MYSQL_PREFIX."_sponsor_data`
 WHERE id='%s' AND password='%s' LIMIT 1",
  array(bigintval($_POST['sponsorid']), md5($_POST['pass'])), __FILE__, __LINE__);
        if (SQL_NUMROWS($result) == 1) {