projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Hotkey support for viewer links.
[fa-stable.git]
/
taxes
/
db
/
tax_groups_db.inc
diff --git
a/taxes/db/tax_groups_db.inc
b/taxes/db/tax_groups_db.inc
index 10f0f5cfce9ecf124e6477fcf862ac4223cd79db..10f0256a2e4654826d50815ff76aa8ee8eec4c6e 100644
(file)
--- a/
taxes/db/tax_groups_db.inc
+++ b/
taxes/db/tax_groups_db.inc
@@
-12,7
+12,7
@@
function add_tax_group($name, $tax_shipping, $taxes, $rates)
if($tax_shipping) // only one tax group for shipping
clear_shipping_tax_group();
if($tax_shipping) // only one tax group for shipping
clear_shipping_tax_group();
- $sql = "INSERT INTO ".TB_PREF."tax_groups (name, tax_shipping) VALUES (
'$name'
, $tax_shipping)";
+ $sql = "INSERT INTO ".TB_PREF."tax_groups (name, tax_shipping) VALUES (
".db_escape($name)."
, $tax_shipping)";
db_query($sql, "could not add tax group");
$id = db_insert_id();
db_query($sql, "could not add tax group");
$id = db_insert_id();
@@
-29,7
+29,7
@@
function update_tax_group($id, $name, $tax_shipping, $taxes, $rates)
if($tax_shipping) // only one tax group for shipping
clear_shipping_tax_group();
if($tax_shipping) // only one tax group for shipping
clear_shipping_tax_group();
- $sql = "UPDATE ".TB_PREF."tax_groups SET name=
'$name'
,tax_shipping=$tax_shipping WHERE id=$id";
+ $sql = "UPDATE ".TB_PREF."tax_groups SET name=
".db_escape($name)."
,tax_shipping=$tax_shipping WHERE id=$id";
db_query($sql, "could not update tax group");
delete_tax_group_items($id);
db_query($sql, "could not update tax group");
delete_tax_group_items($id);