<?php
-
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
function add_item_location($loc_code, $location_name, $delivery_address, $phone, $fax, $email, $contact)
{
$sql = "INSERT INTO ".TB_PREF."locations (loc_code, location_name, delivery_address, phone, fax, email, contact)
- VALUES (".db_quote($loc_code).", ".db_quote($location_name).", ".db_quote($delivery_address).", ".db_quote($phone).", ".db_quote($fax).", ".db_quote($email).", ".db_quote($contact).")";
+ VALUES (".db_escape($loc_code).", ".db_escape($location_name).", ".db_escape($delivery_address).", ".db_escape($phone).", ".db_escape($fax).", ".db_escape($email).", ".db_escape($contact).")";
db_query($sql,"a location could not be added");
function update_item_location($loc_code, $location_name, $delivery_address, $phone, $fax, $email, $contact)
{
- $sql = "UPDATE ".TB_PREF."locations SET location_name=".db_quote($location_name).",
- delivery_address=".db_quote($delivery_address).",
- phone=".db_quote($phone).", fax=".db_quote($fax).",
- email=".db_quote($email).", contact=".db_quote($contact)."
+ $sql = "UPDATE ".TB_PREF."locations SET location_name=".db_escape($location_name).",
+ delivery_address=".db_escape($delivery_address).",
+ phone=".db_escape($phone).", fax=".db_escape($fax).",
+ email=".db_escape($email).", contact=".db_escape($contact)."
WHERE loc_code = '$loc_code'";
db_query($sql,"a location could not be updated");
projects / fa-stable.git / blobdiff