- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_payouts (userid, payout_total, target_account, target_bank, payout_id, payout_timestamp, status, password)
-VALUES (%d, %d, %d, '%s', %d, UNIX_TIMESTAMP(), 'NEW', '%s')",
- array(
- $GLOBALS['userid'],
- bigintval($_POST['payout']),
- bigintval($_POST['account']),
- $_POST['bank'],
- bigintval($_GET['payout']),
- $_POST['pass']
-), __FILE__, __LINE__);
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_payouts` (`userid`,`payout_total`,`target_account`,`target_bank`,`payout_id`,`payout_timestamp`,`status`,`password`)
+VALUES (%s,%s,%s,'%s',%s, UNIX_TIMESTAMP(), 'NEW','%s')",
+ array(
+ getMemberId(),
+ bigintval(postRequestParameter('payout')),
+ bigintval(postRequestParameter('account')),
+ postRequestParameter('bank'),
+ bigintval(getRequestParameter('payout')),
+ postRequestParameter('password')
+ ), __FILE__, __LINE__);