- ) VALUES ($trans_no, $trans_type, '$debtor_no', '$BranchNo',
- '$SQLDate', '$SQLDueDate', '$reference',
- '$sales_type', $order_no, $Total, $discount, $Tax, $Freight,
- $FreightTax, $rate, '$ship_via', $AllocAmt, $trans_link)";
+ ) VALUES ($trans_no, $trans_type,
+ ".db_escape($debtor_no).", ".db_escape($BranchNo).",
+ '$SQLDate', '$SQLDueDate', ".db_escape($reference).",
+ ".db_escape($sales_type).", $order_no, $Total, ".db_escape($discount).", $Tax,
+ ".db_escape($Freight).",
+ $FreightTax, $rate, ".db_escape($ship_via).", $AllocAmt, ".db_escape($trans_link).")";