Ah ok so i had to take the '' out of the query around those 2 as for some reason it was adding them automatically. Thanks StarLion. I have another problem now, I've changed all the pages to make it SQL Injection proof but now im getting a few problems for example:
$query = sprintf("SELECT SUM(Payout) AS 'payout' FROM affleads WHERE `AffID` = '%s' AND `Date` LIKE '%%s%s%'",
SELECT SUM(Payout) AS 'payout' FROM affleads WHERE
AffID = '2' AND
Date LIKE '%s2011
As you can see theres still a %s in there that never got replaced, why is this happening?
Yea i have % at the beginning and end as its a wildcard.