projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fixed extension module update and deletion.
[fa-stable.git]
/
admin
/
view_print_transaction.php
diff --git
a/admin/view_print_transaction.php
b/admin/view_print_transaction.php
index 90943fe75bb00647eba2504920cf33afe8ebfaab..3969418151680e4e5941a15115909e8e4f47506c 100644
(file)
--- a/
admin/view_print_transaction.php
+++ b/
admin/view_print_transaction.php
@@
-109,11
+109,11
@@
function handle_search()
$sql .= " ,$trans_ref ";
$sql .= ", ".$_POST['filterType']." as type FROM $table_name
$sql .= " ,$trans_ref ";
$sql .= ", ".$_POST['filterType']." as type FROM $table_name
- WHERE $trans_no_name >= "
. $_POST['FromTransNo']
. "
- AND $trans_no_name <= "
. $_POST['ToTransNo']
;
+ WHERE $trans_no_name >= "
.db_escape($_POST['FromTransNo'])
. "
+ AND $trans_no_name <= "
.db_escape($_POST['ToTransNo'])
;
if ($type_name != null)
if ($type_name != null)
- $sql .= " AND `$type_name` = "
. $_POST['filterType']
;
+ $sql .= " AND `$type_name` = "
.db_escape($_POST['filterType'])
;
$sql .= " ORDER BY $trans_no_name";
$sql .= " ORDER BY $trans_no_name";