}
// Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
// Load data
$result = SQL_QUERY_ESC("SELECT opt_in FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
// Add entries to both tables
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_in (userid, from_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
- __FILE__, __LINE__);
+ array(bigintval($_POST['to_uid']), $GLOBALS['userid'], bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
+ __FILE__, __LINE__);
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_transfers_out (userid, to_uid, points, reason, time_trans, trans_id) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP(),'%s')",
- array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), addslashes($_POST['reason']), __TRANS_ID),
- __FILE__, __LINE__);
+ array($GLOBALS['userid'], bigintval($_POST['to_uid']), bigintval($_POST['points']), $_POST['reason'], __TRANS_ID),
+ __FILE__, __LINE__);
// Add points to account *directly* ...
ADD_POINTS_REFSYSTEM(bigintval($_POST['to_uid']), bigintval($_POST['points']), false, "0", false, "direct");
projects / mailer.git / blobdiff