Cart init code moved from sales_order_ui.inc
diff --git
a/sales/manage/sales_areas.php
b/sales/manage/sales_areas.php
index 7aed3e6e04f0203cbc0ee85feedd41f709b9e09f..7b993667eeb5534632f6e083df4edf293463c181 100644
--- a/
sales/manage/sales_areas.php
+++ b/
sales/manage/sales_areas.php
@@
-33,12
+33,12
@@
if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM']))
{
if (isset($selected_id))
{
{
if (isset($selected_id))
{
- $sql = "UPDATE ".TB_PREF."areas SET description=
'" . $_POST['description'] . "'
WHERE area_code = '$selected_id'";
+ $sql = "UPDATE ".TB_PREF."areas SET description=
".db_escape($_POST['description'])."
WHERE area_code = '$selected_id'";
}
else
{
}
else
{
- $sql = "INSERT INTO ".TB_PREF."areas (description) VALUES (
'" . $_POST['description'] . "'
)";
+ $sql = "INSERT INTO ".TB_PREF."areas (description) VALUES (
".db_escape($_POST['description']) . "
)";
}
db_query($sql,"The sales area could not be updated or added");
}
db_query($sql,"The sales area could not be updated or added");
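Review bot: The UPDATE statement on the new side still interpolates `$selected_id` directly into the SQL string as `WHERE area_code = '$selected_id'`, so this change escapes only the description value. Where `$selected_id` is assigned is outside the hunk; if it is taken from the request, it should go through the same helper, e.g. `WHERE area_code = ".db_escape($selected_id);` (this assumes db_escape() supplies the surrounding quotes, as the removal of the literal quotes around the description suggests). The INSERT branch carries no second value and needs nothing further. The commit title mentions cart init code rather than this escaping change, so a line in the description naming the SQL escaping fix would make it easier to trace later.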