4946: Inserting a supplier without the short name resets the whole form. Fixed.
diff --git
a/inventory/includes/db/items_units_db.inc
b/inventory/includes/db/items_units_db.inc
index 2d23210273e8ddafe98d3177f17f5d5884651c03..d90b03b39e18944493aa4819da6826d756e49cb2 100644
--- a/
inventory/includes/db/items_units_db.inc
+++ b/
inventory/includes/db/items_units_db.inc
@@
-15,26
+15,26
@@
function write_item_unit($selected, $abbr, $description, $decimals)
$sql = "UPDATE ".TB_PREF."item_units SET
abbr = ".db_escape($abbr).",
name = ".db_escape($description).",
$sql = "UPDATE ".TB_PREF."item_units SET
abbr = ".db_escape($abbr).",
name = ".db_escape($description).",
- decimals =
$decimals
- WHERE
abbr = '$selected'"
;
+ decimals =
".db_escape($decimals)."
+ WHERE
abbr = ".db_escape($selected)
;
else
$sql = "INSERT INTO ".TB_PREF."item_units
(abbr, name, decimals) VALUES( ".db_escape($abbr).",
else
$sql = "INSERT INTO ".TB_PREF."item_units
(abbr, name, decimals) VALUES( ".db_escape($abbr).",
- ".db_escape($description).",
$decimals
)";
+ ".db_escape($description).",
".db_escape($decimals)."
)";
db_query($sql,"an item unit could not be updated");
}
function delete_item_unit($unit)
{
db_query($sql,"an item unit could not be updated");
}
function delete_item_unit($unit)
{
- $sql="DELETE FROM ".TB_PREF."item_units WHERE abbr=
'$unit'"
;
+ $sql="DELETE FROM ".TB_PREF."item_units WHERE abbr=
".db_escape($unit)
;
db_query($sql,"an unit of measure could not be deleted");
}
function get_item_unit($unit)
{
db_query($sql,"an unit of measure could not be deleted");
}
function get_item_unit($unit)
{
- $sql="SELECT * FROM ".TB_PREF."item_units WHERE abbr=
'$unit'"
;
+ $sql="SELECT * FROM ".TB_PREF."item_units WHERE abbr=
".db_escape($unit)
;
$result = db_query($sql,"an unit of measure could not be retrieved");
$result = db_query($sql,"an unit of measure could not be retrieved");
@@
-43,34
+43,35
@@
function get_item_unit($unit)
function get_unit_descr($unit)
{
function get_unit_descr($unit)
{
- $sql = "SELECT
description FROM ".TB_PREF."item_units WHERE abbr='$unit'"
;
+ $sql = "SELECT
name FROM ".TB_PREF."item_units WHERE abbr=".db_escape($unit)
;
- $result = db_query($sql, "could not unit description");
+ $result = db_query($sql, "could not
retrieve
unit description");
$row = db_fetch_row($result);
return $row[0];
}
function item_unit_used($unit) {
$row = db_fetch_row($result);
return $row[0];
}
function item_unit_used($unit) {
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE units=
'$unit'"
;
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE units=
".db_escape($unit)
;
$result = db_query($sql, "could not query stock master");
$myrow = db_fetch_row($result);
return ($myrow[0] > 0);
}
$result = db_query($sql, "could not query stock master");
$myrow = db_fetch_row($result);
return ($myrow[0] > 0);
}
-function get_all_item_units() {
- $sql = "SELECT * FROM ".TB_PREF."item_units ORDER BY name";
+function get_all_item_units($all=false) {
+ $sql = "SELECT * FROM ".TB_PREF."item_units";
+ if (!$all) $sql .= " WHERE !inactive";
+ $sql .= " ORDER BY name";
return db_query($sql, "could not get stock categories");
}
return db_query($sql, "could not get stock categories");
}
-// 2008-06-15. Added
Joe Hunt
to get a measure of unit by given stock_id
+// 2008-06-15. Added to get a measure of unit by given stock_id
function get_unit_dec($stock_id)
{
$sql = "SELECT decimals FROM ".TB_PREF."item_units, ".TB_PREF."stock_master
function get_unit_dec($stock_id)
{
$sql = "SELECT decimals FROM ".TB_PREF."item_units, ".TB_PREF."stock_master
- WHERE abbr=units AND stock_id=
'$stock_id'
LIMIT 1";
+ WHERE abbr=units AND stock_id=
".db_escape($stock_id)."
LIMIT 1";
$result = db_query($sql, "could not get unit decimals");
$row = db_fetch_row($result);
return $row[0];
}
$result = db_query($sql, "could not get unit decimals");
$row = db_fetch_row($result);
return $row[0];
}
-?>
\ No newline at end of file
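Review bot: `$decimals` in write_item_unit is escaped but never checked to be a number, so any string can still reach the apparently numeric `decimals` column in both the UPDATE and the INSERT and is left to the database's coercion rules. An explicit integer check before either statement is built, for example `$decimals = (int)$decimals;`, would normalise bad input at the boundary; the function's opening lines are outside the hunk, so confirm no such check already exists there. Separately, get_all_item_units() still reports "could not get stock categories" on failure, which misleads anyone reading the error log; `"could not get item units"` would match what the query reads. The commit title describes a supplier form fix and says nothing about the escaping changes, so a line in the description noting the query hardening would help anyone auditing for it later.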