// Load security stuff here
require('inc/libs/security_functions.php');
-// Init "action" and "what"
-$GLOBALS['what'] = '';
-$GLOBALS['action'] = '';
-
// Set module
$GLOBALS['module'] = 'view';
$GLOBALS['output_mode'] = -1;
if (((REQUEST_ISSET_GET('user')) || (REQUEST_ISSET_GET('reseller'))) && (REQUEST_ISSET_GET('banner'))) {
// for later things... ;-)
- $result = SQL_QUERY_ESC("SELECT url FROM `{!_MYSQL_PREFIX!}_refbanner` WHERE `id`=%s LIMIT 1",
- array(bigintval(REQUEST_GET('banner'))), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT `url` FROM `{!_MYSQL_PREFIX!}_refbanner` WHERE `id`=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('banner'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
list($url) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_refbanner` SET counter=counter+1 WHERE `id`=%s LIMIT 1",
- array(bigintval(REQUEST_GET('banner'))), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_refbanner` SET `counter`=`counter`+1 WHERE `id`=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('banner'))), __FILE__, __LINE__);
$type = substr($url, -3);
sendHeader('Content-Type: image/' . $type);