Merged stable branch up to 2.3.10

[fa-stable.git] / includes / systypes.inc

diff --git a/includes/systypes.inc b/includes/systypes.inc
index 1c91abc2e33e6f6aa5dc0e35347b99fe0b397930..974adfdbb0ed51f27272ab4f6e5d6ec168c0a075 100644 (file)
--- a/includes/systypes.inc
+++ b/includes/systypes.inc
@@ -26,7 +26,7 @@ function get_next_trans_no ($trans_type){
        $sql = "SELECT MAX(`$st[2]`) FROM $st[0]";
 
        if ($st[1] != null)
-                $sql .= " WHERE `$st[1]`=$trans_type";
+                $sql .= " WHERE `$st[1]`=".db_escape($trans_type);
 
     $result = db_query($sql,"The next transaction number for $trans_type could not be retrieved");
     $myrow = db_fetch_row($result);