FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations
WHERE ".TB_PREF."purch_orders.supplier_id = ".TB_PREF."suppliers.supplier_id
AND ".TB_PREF."locations.loc_code = into_stock_location
- AND ".TB_PREF."purch_orders.order_no = " . $order_no;
+ AND ".TB_PREF."purch_orders.order_no = ".db_escape($order_no);
$result = db_query($sql, "The order cannot be retrieved");
return db_fetch($result);
}
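Review bot: The added `db_escape($order_no)` in the `purch_orders.order_no` comparison closes the injection only if db_escape() returns a quoted literal. Its definition is not visible here, and if it merely escapes special characters the value still lands in an unquoted numeric position, where escaping alone does not constrain the input. Because order_no is compared as a number, I would also normalise it before the query is built, for example `$order_no = (int)$order_no;`, or reject non-numeric input with an `is_numeric()` check. The same applies to the `WHERE order_no =".db_escape($order_no)." "` line in the order-details query that follows. Both function bodies start outside the lines shown, so any validation done earlier in them cannot be confirmed from here.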
FROM ".TB_PREF."purch_order_details
LEFT JOIN ".TB_PREF."stock_master
ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id
- WHERE order_no =$order_no ";
+ WHERE order_no =".db_escape($order_no)." ";
$sql .= " ORDER BY po_detail_item";
return db_query($sql, "Retreive order Line Items");
}
}
else
$rep->title = _('PURCHASE ORDER');
- $rep->Header2($myrow, null, $myrow, $baccount, 8);
+ $rep->Header2($myrow, null, $myrow, $baccount, ST_PURCHORDER);
$result = get_po_details($i);
$SubTotal = 0;
$rep->TextCol(6, 7, $DisplayNet, -2);
$rep->NewLine(1);
if ($rep->row < $rep->bottomMargin + (15 * $rep->lineHeight))
- $rep->Header2($myrow, $branch, $myrow, $baccount, 8);
+ $rep->Header2($myrow, $branch, $myrow, $baccount, ST_PURCHORDER);
}
if ($myrow['comments'] != "")
{
$rep->row = $rep->bottomMargin + (15 * $rep->lineHeight);
$linetype = true;
- $doctype = 8;
+ $doctype = ST_PURCHORDER;
if ($rep->currency != $myrow['curr_code'])
{
include($path_to_root . "/reporting/includes/doctext2.inc");