SQL injection fix

[fa-stable.git] / gl / includes / db / gl_db_accounts.inc

diff --git a/gl/includes/db/gl_db_accounts.inc b/gl/includes/db/gl_db_accounts.inc
index 26612b58225cfd95eb7c9b4b84e9c3f1031b5133..ce0a35071852b71d96ecb339f42b899e231c3bee 100644 (file)
--- a/gl/includes/db/gl_db_accounts.inc
+++ b/gl/includes/db/gl_db_accounts.inc
@@ -55,10 +55,6 @@ function get_gl_accounts_all($balance=-1)
                $where ="WHERE ctype>0 AND ctype<".CL_INCOME;
        elseif ($balance == 0)  
                $where ="WHERE ctype>".CL_EQUITY." OR ctype=0"; // backwards compatibility
-       $sql = "SELECT ".TB_PREF."chart_master.account_code, ".TB_PREF."chart_master.account_code2, ".TB_PREF."chart_master.account_name, 
-               ".TB_PREF."chart_types.name AS AccountTypeName,".TB_PREF."chart_types.id AS AccountType
-               $where";
-
        $sql = "SELECT ".TB_PREF."chart_master.account_code, ".TB_PREF."chart_master.account_name, ".TB_PREF."chart_master.account_code2,
                ".TB_PREF."chart_types.name AS AccountTypeName,".TB_PREF."chart_types.id AS AccountType,
                ".TB_PREF."chart_types.parent, ".TB_PREF."chart_class.class_name AS AccountClassName, ".TB_PREF."chart_class.cid AS ClassID,