userid secure in redirect

diff --git a/0.2.1/click.php b/0.2.1/click.php
index de80ccb59b2d60baa39d8d732ff0b4427d6f49cc..8a083637b46035d474f1f8bbc2d069d46b23e5e7 100644 (file)
--- a/0.2.1/click.php
+++ b/0.2.1/click.php
@@ -46,26 +46,19 @@ $GLOBALS['module'] = "click"; $CSS = -1;
 // Load the required file(s)
 require ("inc/config.php");
 
 // Load the required file(s)
 require ("inc/config.php");
 

-if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner'])))
-{
+if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) {

        // Update clicks counter...
        $CLICK = 1;
        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET clicks=clicks+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
        // Update clicks counter...
        $CLICK = 1;
        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET clicks=clicks+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);

-       if (SQL_AFFECTEDROWS($link) == 1)
-       {
-               if (!empty($_GET['user']))
-               {
-                       LOAD_URL(URL."/ref.php?refid=".$_GET['user']);
-               }
-                else
-               {
-                       LOAD_URL(URL."/shop_reseller.php?reseller=".$_GET['reseller']);
+       if (SQL_AFFECTEDROWS($link) == 1) {
+               if (!empty($_GET['user'])) {
+                       LOAD_URL(URL."/ref.php?refid=".bigintval($_GET['user']));
+               } else {
+                       LOAD_URL(URL."/shop_reseller.php?reseller=".bigintval($_GET['user']));

                }
        }
        exit();
                }
        }
        exit();

-}
- else
-{
+} else {

        // Do nothing for now
        die();
 }
        // Do nothing for now
        die();
 }