And based on IcEcReaM warning, here is how you can go without these lines: $id2 = intval($HTTP_POST_VARS[URL_ID]);
$id = $_GET['user_id']; // pazi zaradi sql injekcij!!!
$id2 = $id;
$id = $user_id;
variables $id and $user_id are being automaticaly populated and as IcEcReaM said, sanitized by 4images itself based on _POST and _GET data.