$content['refid'] = bigintval($_CONFIG['wernis_refid']);
// Get WDS66 id
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
$_GET['mode'] = "list";
// And load all rows!
- $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM "._MYSQL_PREFIX."_user_wernis WHERE `userid` = %d ORDER BY `wernis_timestamp` DESC",
+ $result = SQL_QUERY_ESC("SELECT `id`, `wernis_account`, `wernis_amount`, `wernis_timestamp`, `wernis_type` FROM "._MYSQL_PREFIX."_user_wernis WHERE `userid` = %s ORDER BY `wernis_timestamp` DESC",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load all rows
// Get WDS66 id
$content['wds66_id'] = "";
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
$content['wds66_id'] = "";
// Get WDS66 id
- $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT wernis_userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Are there some entries?
ADD_POINTS_REFSYSTEM($GLOBALS['userid'], bigintval($_POST['amount']), false, 0, false, "direct");
// Update the user data as well..
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%d WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `wernis_userid`=%s WHERE userid=%s LIMIT 1",
array(bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
// All done!
}
// Remove the points from the account
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %d, `wernis_userid`=%d WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET `used_points` = `used_points` + %s, `wernis_userid`=%s WHERE userid=%s LIMIT 1",
array(bigintval($_POST['amount']), bigintval($_POST['wds66_id']), $GLOBALS['userid']), __FILE__, __LINE__);
// All done!