projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Security statements update against sql injection attacks.
[fa-stable.git]
/
inventory
/
manage
/
item_categories.php
diff --git
a/inventory/manage/item_categories.php
b/inventory/manage/item_categories.php
index f5de480a4aed608016629daa26ec678815180550..149e23e65746acef08af873d36665e94d000f869 100644
(file)
--- a/
inventory/manage/item_categories.php
+++ b/
inventory/manage/item_categories.php
@@
-57,7
+57,7
@@
if ($Mode == 'Delete')
{
// PREVENT DELETES IF DEPENDENT RECORDS IN 'stock_master'
{
// PREVENT DELETES IF DEPENDENT RECORDS IN 'stock_master'
- $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE category_id=
'$selected_id'"
;
+ $sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_master WHERE category_id=
".db_escape($selected_id)
;
$result = db_query($sql, "could not query stock master");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)
$result = db_query($sql, "could not query stock master");
$myrow = db_fetch_row($result);
if ($myrow[0] > 0)