Always sanitize your php variables or some bad guy can come across and do whatever he/she wants with it. You can also cause problems/exploit other (unprotected) systems which you're sending the variables to.
Code:
$site_link = mysql_real_escape_string($_GET['ccbill_id']);
ALWAYS