X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Foverview-inc.php;h=6fdcafcf5676fbf3118d78782da0a6f2acfdf847;hp=7f0f3416ba3b5fd8fa0be48e59f4feb68227ce9c;hb=43885129ac24cee5545a8a5ad51e90aa182fdf46;hpb=7d563ebac402d78ee8f5cdf9b0a15eff19c5ff7c diff --git a/inc/modules/admin/overview-inc.php b/inc/modules/admin/overview-inc.php index 7f0f3416ba..6fdcafcf56 100644 --- a/inc/modules/admin/overview-inc.php +++ b/inc/modules/admin/overview-inc.php @@ -173,7 +173,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { // Assign / do tasks $OUT = ""; $SW = 2; foreach ($_POST['task'] as $id=>$sel) { - $result_task = SQL_QUERY_ESC("SELECT id, userid, task_type, subject, text, task_created, status, assigned_admin FROM "._MYSQL_PREFIX."_task_system WHERE id=%d AND (assigned_admin='%s' OR (assigned_admin='0' AND status='NEW')) LIMIT 1", + $result_task = SQL_QUERY_ESC("SELECT id, userid, task_type, subject, text, task_created, status, assigned_admin FROM "._MYSQL_PREFIX."_task_system WHERE id=%s AND (assigned_admin='%s' OR (assigned_admin='0' AND status='NEW')) LIMIT 1", array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__); if (SQL_NUMROWS($result_task) == 1) { // Task is valid... @@ -182,7 +182,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { if ($aid == "0") { // Assgin current admin to unassgigned task - $result_assign = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='%s' WHERE id=%d LIMIT 1", + $result_assign = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='%s' WHERE id=%s LIMIT 1", array(GET_ADMIN_ID(get_session('admin_login')), bigintval($tid)), __FILE__, __LINE__); } @@ -194,7 +194,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { } if ($uid > 0) { - $result_user = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result_user = SQL_QUERY_ESC("SELECT sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); if (SQL_NUMROWS($result_user) == 1) { @@ -292,7 +292,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { // Close task but not already closes or deleted or update tasks if (($status != "CLOSED") && ($status != "DELETED") && ($type != "EXTENSION_UPDATE")) { - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%s LIMIT 1", array(bigintval($tid)), __FILE__, __LINE__); } } @@ -304,7 +304,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { // Close task if (($status != "CLOSED") && ($status != "DELETED")) { - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET status='SOLVED' WHERE id=%s LIMIT 1", array(bigintval($tid)), __FILE__, __LINE__); } break; @@ -322,7 +322,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { if (EXT_IS_ACTIVE("payout")) { // Extension is installed so let him send a notification to the user - $result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_payouts WHERE userid=%d AND payout_timestamp=%d LIMIT 1", + $result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_payouts WHERE userid=%s AND payout_timestamp=%s LIMIT 1", array(bigintval($uid), bigintval($created)), __FILE__, __LINE__); list($pid) = SQL_FETCHROW($result_pay); SQL_FREERESULT($result_pay); @@ -353,7 +353,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { if (EXT_IS_ACTIVE("wernis")) { // Extension is installed so let him send a notification to the user - $result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_wernis WHERE userid=%d AND wernis_timestamp=%d LIMIT 1", + $result_pay = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_wernis WHERE userid=%s AND wernis_timestamp=%s LIMIT 1", array(bigintval($uid), bigintval($created)), __FILE__, __LINE__); list($pid) = SQL_FETCHROW($result_pay); SQL_FREERESULT($result_pay); @@ -385,7 +385,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { break; case "NL_UNSUBSCRIBE": // Newsletter unsubscriptions - $result = SQL_QUERY_ESC("SELECT nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", array(bigintval($uid)), __FILE__, __LINE__); list($span) = SQL_FETCHROW($result); SQL_FREERESULT($result); @@ -431,7 +431,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { // Unassign from tasks foreach ($_POST['task'] as $id=>$sel) { - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE id=%d AND assigned_admin='%s' LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE id=%s AND assigned_admin='%s' LIMIT 1", array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__); } } @@ -440,7 +440,7 @@ function OUTPUT_SELECTED_TASKS($_POST, $result_tasks) { // Delete tasks foreach ($_POST['task'] as $id=>$sel) { - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_task_system WHERE id=%d AND (assigned_admin='%s' OR assigned_admin='0') LIMIT 1", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_task_system WHERE id=%s AND (assigned_admin='%s' OR assigned_admin='0') LIMIT 1", array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__); } }