."dflt_assembly_act = ".db_escape($assembly_account).","
."dflt_dim1 = ".db_escape($dim1).","
."dflt_dim2 = ".db_escape($dim2).","
- ."dflt_no_sale = '$no_sale'"
- ." WHERE category_id = '$id'";
+ ."dflt_no_sale = ".db_escape($no_sale)
+ ."WHERE category_id = ".db_escape($id);
db_query($sql,"an item category could not be updated");
}
function delete_item_category($id)
{
- $sql="DELETE FROM ".TB_PREF."stock_category WHERE category_id='$id'";
+ $sql="DELETE FROM ".TB_PREF."stock_category WHERE category_id=".db_escape($id);
db_query($sql,"an item category could not be deleted");
}
+function get_item_categories($show_inactive)
+{
+ $sql = "SELECT c.*, t.name as tax_name FROM ".TB_PREF."stock_category c, "
+ .TB_PREF."item_tax_types t WHERE c.dflt_tax_type=t.id";
+ if (!$show_inactive) $sql .= " AND !c.inactive";
+
+ return db_query($sql, "could not get stock categories");
+}
+
function get_item_category($id)
{
- $sql="SELECT * FROM ".TB_PREF."stock_category WHERE category_id='$id'";
+ $sql="SELECT * FROM ".TB_PREF."stock_category WHERE category_id=".db_escape($id);
$result = db_query($sql,"an item category could not be retrieved");
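Review bot: The new `."WHERE category_id = ".db_escape($id);` line in the update statement drops the leading space that the removed `." WHERE category_id = '$id'"` line had, so the clause is glued directly onto the escaped `$no_sale` value. `db_escape()` is not shown here; if it always returns a quoted literal the server may still tokenize `'0'WHERE`, but if it can return a bare number or `NULL` the statement becomes `dflt_no_sale = 1WHERE ...` and the update fails with a syntax error. Restore the separator with `." WHERE category_id = ".db_escape($id);`. The other converted queries in this patch (`delete_item_category`, `get_item_category`, `get_category_name`) append the escaped value after `category_id=` and are not affected. The update function begins above the visible lines, so the rest of its statement could not be checked.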
function get_category_name($id)
{
- $sql = "SELECT description FROM ".TB_PREF."stock_category WHERE category_id=$id";
+ $sql = "SELECT description FROM ".TB_PREF."stock_category WHERE category_id=".db_escape($id);
$result = db_query($sql, "could not get sales type");