Added text fields sanitization on upgrdae to 2.2.

[fa-stable.git] / gl / manage / gl_account_types.php

diff --git a/gl/manage/gl_account_types.php b/gl/manage/gl_account_types.php
index e6445a56c23a705494186dc7cba91e2fac382b50..27141d53d326f8f423c64a77079cdc8276cddf93 100644 (file)
--- a/gl/manage/gl_account_types.php
+++ b/gl/manage/gl_account_types.php
@@ -77,8 +77,10 @@ function can_delete($selected_id)
 {
        if ($selected_id == -1)
                return false;
+       $type = db_escape($selected_id);
+
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."chart_master
-               WHERE account_type=$selected_id";
+               WHERE account_type=$type";
        $result = db_query($sql, "could not query chart master");
        $myrow = db_fetch_row($result);
        if ($myrow[0] > 0) 
@@ -88,7 +90,7 @@ function can_delete($selected_id)
        }
 
        $sql= "SELECT COUNT(*) FROM ".TB_PREF."chart_types
-               WHERE parent=$selected_id";
+               WHERE parent=$type";
        $result = db_query($sql, "could not query chart types");
        $myrow = db_fetch_row($result);
        if ($myrow[0] > 0)