More SQL rewrites, TODO: Put all table and column names in backticks (`)

[mailer.git] / inc / modules / member / what-newsletter.php

diff --git a/inc/modules/member/what-newsletter.php b/inc/modules/member/what-newsletter.php
index efe6475d10a89884660a18ee4236a4d1816c8d6a..7dd4140d33e51d9dfb9dd326132b53caaab10130 100644 (file)
--- a/inc/modules/member/what-newsletter.php
+++ b/inc/modules/member/what-newsletter.php
@@ -46,7 +46,7 @@ if (!defined('__SECURITY')) {
 ADD_DESCR("member", __FILE__);
 
 // Load status
-$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
  array($GLOBALS['userid']), __FILE__, __LINE__);
 list($status, $until, $span) = SQL_FETCHROW($result);
 SQL_FREERESULT($result);
@@ -57,7 +57,7 @@ define('__CHARGE_VALUE', TRANSLATE_COMMA($_CONFIG['nl_charge']));
 if ((isset($_POST['ok'])) && ($status == "Y") && ($span == "0"))
 {
        // Save request
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
         array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Load admin message