Additional sql parameters cleanup.
[fa-stable.git] / purchasing / includes / db / suppalloc_db.inc
index 959be3e2f2d6a1274737a739c27fb4a838df62a9..f9eed1a86c0a9caf6decb11fc4d9c8dd4f1e1429 100644 (file)
@@ -69,7 +69,7 @@ function clear_supp_alloctions($type, $type_no, $date="")
 {
        // clear any allocations for this transaction
        $sql = "SELECT * FROM ".TB_PREF."supp_allocations
-               WHERE (trans_type_from=$type AND trans_no_from=$type_no)
+               WHERE (trans_type_from=".db_escape($type)." AND trans_no_from=".db_escape($type_no).")
                OR (trans_type_to=".db_escape($type)." AND trans_no_to=".db_escape($type_no).")";
        $result = db_query($sql, "could not void supp transactions for type=$type and trans_no=$type_no");
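Review bot: Escaping `$type` and `$type_no` separately at every concatenation site in clear_supp_alloctions() is fragile, and the first WHERE branch that this hunk fixes is exactly the kind of site that gets missed. If both values are always integer identifiers, as the column names suggest, normalise them once at the top of the function, e.g. `$type = (int)$type; $type_no = (int)$type_no;`, and keep db_escape() as a second layer. The current protection also relies on db_escape() quoting its argument as well as escaping it, which is not visible here; in an unquoted numeric context, escaping alone would not stop injection. The failure message passed to db_query() still interpolates the raw values, so it is worth confirming that the message is encoded wherever it is displayed or logged. The function body continues past this hunk, so any later statements that build SQL from `$type`, `$type_no` or fetched row values need the same check.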