- $sql .= "'$supplier_id', '" . $_POST['stock_id'] . "', " . $_POST['price'] . ", '" . $_POST['suppliers_uom'] . "', " .
- $_POST['conversion_factor'] . ", '" . $_POST['supplier_description'] . "')";
+ $sql .= "'$supplier_id', '" . $_POST['stock_id'] . "', " .
+ input_num('price') . ", '" . $_POST['suppliers_uom'] . "', " .
+ input_num('conversion_factor') . ", '" . $_POST['supplier_description'] . "')";