- $sql = "UPDATE ".TB_PREF."attachments SET
- type_no=".db_escape($_POST['filterType']).",
- trans_no=".db_escape($_POST['trans_no']).",
- description=".db_escape($_POST['description']).", ";
- if ($filename != "")
- {
- $sql .= "filename=".db_escape($filename).",
- unique_name=".db_escape($unique_name).",
- filesize=".db_escape($filesize).",
- filetype=".db_escape($filetype);
- }
- $sql .= "tran_date='$date' WHERE id=".db_escape($selected_id);
- db_query($sql, "Attachment could not be updated");
+ update_attachment($selected_id, $_POST['filterType'], $_POST['trans_no'], $_POST['description'],
+ $filename, $unique_name, $filesize, $filetype);