projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Security update merged from 2.1.
[fa-stable.git]
/
reporting
/
rep705.php
diff --git
a/reporting/rep705.php
b/reporting/rep705.php
index 4361b6e7cea3ee10d63448dbe11a05e58e5aa958..faf815f44c9c1aef9cab03e72606cc4911926447 100644
(file)
--- a/
reporting/rep705.php
+++ b/
reporting/rep705.php
@@
-62,9
+62,9
@@
function getPeriods($year, $account, $dimension, $dimension2)
FROM ".TB_PREF."gl_trans
WHERE account='$account'";
if ($dimension > 0)
FROM ".TB_PREF."gl_trans
WHERE account='$account'";
if ($dimension > 0)
- $sql .= " AND dimension_id =
$dimension"
;
+ $sql .= " AND dimension_id =
".db_escape($dimension)
;
if ($dimension2 > 0)
if ($dimension2 > 0)
- $sql .= " AND dimension2_id =
$dimension2"
;
+ $sql .= " AND dimension2_id =
".db_escape($dimension2)
;
$result = db_query($sql, "Transactions for account $account could not be calculated");
$result = db_query($sql, "Transactions for account $account could not be calculated");