if (!isset($_POST['bank_account']))
$_POST['bank_account'] = "";
$sql = "SELECT ".TB_PREF."bank_trans.* FROM ".TB_PREF."bank_trans
- WHERE ".TB_PREF."bank_trans.bank_act = '" . $_POST['bank_account'] . "'
+ WHERE ".TB_PREF."bank_trans.bank_act = ".db_escape($_POST['bank_account']) . "
AND trans_date >= '$date_after'
AND trans_date <= '$date_to'
ORDER BY trans_date,".TB_PREF."bank_trans.id";
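Review bot: `$date_after` and `$date_to` are still interpolated straight into the query on the two `trans_date` lines, so the new db_escape() call covers only `bank_act`. Their assignments are outside this hunk; if they are derived from request input without strict date validation, a malformed value reaches the SQL text unescaped. Since db_escape() appears to return an already-quoted literal (the new line drops the surrounding quotes), the matching change would be `AND trans_date >= ".db_escape($date_after)."` and `AND trans_date <= ".db_escape($date_to)."`. The `SUM(amount)` query further down has the same `'$date_after'` interpolation and needs the same treatment.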
_("Debit"), _("Credit"), _("Balance"), _("Person/Item"), "");
table_header($th);
-$sql = "SELECT SUM(amount) FROM ".TB_PREF."bank_trans WHERE bank_act='" . $_POST['bank_account'] . "'
+$sql = "SELECT SUM(amount) FROM ".TB_PREF."bank_trans WHERE bank_act="
+ .db_escape($_POST['bank_account']) . "
AND trans_date < '$date_after'";
$before_qty = db_query($sql, "The starting balance on hand could not be calculated");
$running_total += $myrow["amount"];
$trandate = sql2date($myrow["trans_date"]);
- label_cell(systypes::name($myrow["type"]));
+ label_cell($systypes_array[$myrow["type"]]);
label_cell(get_trans_view_str($myrow["type"],$myrow["trans_no"]));
label_cell(get_trans_view_str($myrow["type"],$myrow["trans_no"],$myrow['ref']));
label_cell($trandate);
display_debit_or_credit_cells($myrow["amount"]);
amount_cell($running_total);
- label_cell(payment_person_types::person_name($myrow["person_type_id"],$myrow["person_id"]));
+ label_cell(payment_person_name($myrow["person_type_id"],$myrow["person_id"]));
label_cell(get_gl_view_str($myrow["type"], $myrow["trans_no"]));
end_row();