function db_customer_has_branches($customer_id)
{
return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."cust_branch "
- ."WHERE debtor_no='$customer_id'");
+ ."WHERE debtor_no=".db_escape($customer_id));
}
function db_has_customer_branches()
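Review bot: The new WHERE clause drops the single quotes that used to surround `$customer_id`, so the query is only safe if `db_escape()` returns a complete quoted SQL literal rather than a bare escaped string; its definition is not visible in this hunk and should be confirmed. If it only escapes, an unquoted value after `debtor_no=` is still parsed as SQL syntax and escaping alone does not constrain it. The same applies to `type=".db_escape($type)` in `db_has_tags()` in the next hunk, where the old code had no quotes at all. A comment above each query such as `// db_escape() returns a quoted literal - do not wrap it in quotes` would record the assumption. For keys that are meant to be integers, an explicit `(int)` cast is a simpler guarantee.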
function db_has_tags($type)
{
- return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."tags WHERE type=$type");
+ return check_empty_result("SELECT COUNT(*) FROM ".TB_PREF."tags WHERE type=".db_escape($type));
}
function check_db_has_tags($type, $msg)
$result = db_query($sql, "could not do check empty query");
$myrow = db_fetch_row($result);
- return $myrow[0] > 0;
+ return $myrow[0] > 0;
}
//
// Integer input check
//
// Numeric input check.
// Return 1 if number has proper form and is within <min, max> range
+// Empty/not defined fields are defaulted to $dflt value.
//
-function check_num($postname, $min=null, $max=null) {
+function check_num($postname, $min=null, $max=null, $dflt=0) {
if(!isset($_POST[$postname]))
return 0;
- $num = input_num($postname);
+ $num = input_num($postname, $dflt);
if ($num === false || $num === null)
return 0;
if (isset($min) && ($num<$min))
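Review bot: The added comment says empty or undefined fields are defaulted to `$dflt`, but the unchanged guard `if(!isset($_POST[$postname])) return 0;` still rejects a field that is missing from the request before `input_num()` is reached. As written, the default can only apply to fields that are present but empty, and even that depends on how `input_num()` handles an empty string, which is not shown here. Because this function is presumably used as an input-validation gate, the comment should state the real contract, e.g. `// Fields present but empty are defaulted to $dflt; fields missing from $_POST fail the check.` The body of `check_num()` continues past the end of the hunk.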