<?php
-
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
//--------------------------------------------------------------------------------------
function add_material_cost($stock_id, $qty, $date_)
$sql = "INSERT INTO ".TB_PREF."workorders (wo_ref, loc_code, units_reqd, stock_id,
type, date_, required_by)
- VALUES (".db_quote($wo_ref).", ".db_quote($loc_code).", $units_reqd, '$stock_id',
+ VALUES (".db_escape($wo_ref).", ".db_escape($loc_code).", $units_reqd, '$stock_id',
$type, '$date', '$required')";
db_query($sql, "could not add work order");
$date = date2sql($date_);
$required = date2sql($required_by);
- $sql = "UPDATE ".TB_PREF."workorders SET loc_code=".db_quote($loc_code).",
+ $sql = "UPDATE ".TB_PREF."workorders SET loc_code=".db_escape($loc_code).",
units_reqd=$units_reqd, stock_id='$stock_id',
required_by='$required',
date_='$date'