More improved SQL queries

[mailer.git] / inc / modules / order.php

diff --git a/inc/modules/order.php b/inc/modules/order.php
index 0b3a5a4f7df1c6d9eb930abb1b00857acc1146f5..9082cb50ecd58a5d1ca1e6613099004c0ea7525d 100644 (file)
--- a/inc/modules/order.php
+++ b/inc/modules/order.php
@@ -37,14 +37,14 @@ if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) {
-       ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
+       addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
        return;
 } elseif (!IS_MEMBER()) {
        // Sorry, no guest access!
-       $URL = URL."/modules.php?module=index";
+       $URL = "modules.php?module=index";
 } elseif (empty($_GET['order'])) {
        // You cannot call this module directly!
-       $URL = URL."/modules.php?module=login&what=order";
+       $URL = "modules.php?module=login&what=order";
 }
 
 // When URL is empty nothing bad happend here
@@ -63,20 +63,20 @@ if (empty($URL)) {
        }
 
        // Update sending pool
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET data_type='%s' WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
-        array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
+       SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET data_type='%s' WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
+               array($type, bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
 
        // Finally is the entry valid?
        if (SQL_AFFECTEDROWS() == 1) {
                // Load personal data...
-               $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
-                array($GLOBALS['userid']), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
+                       array($GLOBALS['userid']), __FILE__, __LINE__);
                list($gender, $sname, $fname, $email) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
 
                // Load mail again...              0       1        2           3          4      5      6         7
-               $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s LIMIT 1",
-                array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
+               $result = SQL_QUERY_ESC("SELECT subject, text, receivers, payment_id, timestamp, url, cat_id, target_send FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s AND sender=%s LIMIT 1",
+                       array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
                $DATA = SQL_FETCHROW($result);
                SQL_FREERESULT($result);
                if (empty($DATA[0])) $DATA[0] = DEFAULT_SUBJECT_LINE;
@@ -110,7 +110,7 @@ if (empty($URL)) {
                LOAD_TEMPLATE("member_order-back", false);
        } else {
                // Matching line not found or already "placed" in send queue
-               LOAD_URL(URL."/modules.php?module=login");
+               LOAD_URL("modules.php?module=login");
        }
 } else {
        // Redirect...