projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fixed extension module update and deletion.
[fa-stable.git]
/
admin
/
view_print_transaction.php
diff --git
a/admin/view_print_transaction.php
b/admin/view_print_transaction.php
index ec5e0f2d157e2938c0231367e891ca5bd595e5a1..3969418151680e4e5941a15115909e8e4f47506c 100644
(file)
--- a/
admin/view_print_transaction.php
+++ b/
admin/view_print_transaction.php
@@
-109,11
+109,11
@@
function handle_search()
$sql .= " ,$trans_ref ";
$sql .= ", ".$_POST['filterType']." as type FROM $table_name
$sql .= " ,$trans_ref ";
$sql .= ", ".$_POST['filterType']." as type FROM $table_name
- WHERE $trans_no_name >= "
. $_POST['FromTransNo']
. "
- AND $trans_no_name <= "
. $_POST['ToTransNo']
;
+ WHERE $trans_no_name >= "
.db_escape($_POST['FromTransNo'])
. "
+ AND $trans_no_name <= "
.db_escape($_POST['ToTransNo'])
;
if ($type_name != null)
if ($type_name != null)
- $sql .= " AND `$type_name` = "
. $_POST['filterType']
;
+ $sql .= " AND `$type_name` = "
.db_escape($_POST['filterType'])
;
$sql .= " ORDER BY $trans_no_name";
$sql .= " ORDER BY $trans_no_name";
@@
-137,10
+137,6
@@
function handle_search()
}
$table =& new_db_pager('transactions', $sql, $cols);
}
$table =& new_db_pager('transactions', $sql, $cols);
- if (list_updated('filterType') || get_post('ProcessSearch')) {
- $table->set_sql($sql);
- $table->set_columns($cols);
- }
$table->width = "40%";
display_db_pager($table);
}
$table->width = "40%";
display_db_pager($table);
}