- category_id='$category_id',
- sales_account='$sales_account',
- inventory_account='$inventory_account',
- cogs_account='$cogs_account',
- adjustment_account='$adjustment_account',
- assembly_account='$assembly_account',
- dimension_id=$dimension_id,
- dimension2_id=$dimension2_id,
- tax_type_id=$tax_type_id
- WHERE stock_id='$stock_id'";
+ category_id=".db_escape($category_id).",
+ sales_account=".db_escape($sales_account).",
+ inventory_account=".db_escape($inventory_account).",
+ cogs_account=".db_escape($cogs_account).",
+ adjustment_account=".db_escape($adjustment_account).",
+ assembly_account=".db_escape($assembly_account).",
+ dimension_id=".db_escape($dimension_id).",
+ dimension2_id=".db_escape($dimension2_id).",
+ tax_type_id=".db_escape($tax_type_id).",
+ no_sale=".db_escape($no_sale).",
+ no_purchase=".db_escape($no_purchase).",
+ editable=".db_escape($editable).",
+ depreciation_method=".db_escape($depreciation_method).",
+ depreciation_rate=".db_escape($depreciation_rate).",
+ fa_class_id=".db_escape($fa_class_id);
+
+ if ($units != '')
+ $sql .= ", units=".db_escape($units);
+
+ if ($mb_flag != '')
+ $sql .= ", mb_flag=".db_escape($mb_flag);
+
+ if ($depreciation_start != '') {
+ $sql .= ", depreciation_start='".date2sql($depreciation_start)."'"
+ .", depreciation_date='".date2sql($depreciation_start)."'";
+ }
+
+ $sql .= " WHERE stock_id=".db_escape($stock_id);