Changed context help organization to enable use of central, multilanguage wiki.
[fa-stable.git] / purchasing / supplier_invoice.php
index 15a6529f1667438d4cb72d32503b4779ac153ef6..3440678189c5c6a8f76c1007840e1851d0f76bb6 100644 (file)
@@ -25,7 +25,7 @@ if ($use_popup_windows)
        $js .= get_js_open_window(900, 500);
 if ($use_date_picker)
        $js .= get_js_date_picker();
-page(_("Enter Supplier Invoice"), false, false, "", $js);
+page(_($help_context = "Enter Supplier Invoice"), false, false, "", $js);
 
 //----------------------------------------------------------------------------------------
 
@@ -99,7 +99,7 @@ if (isset($_POST['AddGLCodeToTrans'])){
        $Ajax->activate('gl_items');
        $input_error = false;
 
-       $sql = "SELECT account_code, account_name FROM ".TB_PREF."chart_master WHERE account_code='" . $_POST['gl_code'] . "'";
+       $sql = "SELECT account_code, account_name FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($_POST['gl_code']);
        $result = db_query($sql,"get account information");
        if (db_num_rows($result) == 0)
        {
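Review bot: The rewritten `$sql = ... account_code=".db_escape($_POST['gl_code']);` line drops the surrounding single quotes, so it is only safe if `db_escape()` returns a complete, quoted and escaped SQL literal. That contract is not visible in this hunk and deserves a comment where it is relied on, for example `// db_escape() returns a quoted, escaped literal; do not add quotes around it`. `$_POST['gl_code']` is also used without any presence or type check, so the block should confirm `isset($_POST['gl_code']) && is_string($_POST['gl_code'])` before building the query, so that a missing or array-valued field is rejected rather than passed to the escaper. The same unquoted `db_escape()` concatenation appears in the `check_data()` hunk for `supplier_id` and `supp_reference`, and a parameterized query would remove the dependence on escaping altogether if the db layer offers one. The enclosing `if (isset($_POST['AddGLCodeToTrans']))` block continues outside the hunk, so any later use of `gl_code` there could not be reviewed.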
@@ -186,10 +186,10 @@ function check_data()
                return false;
        }
 
-       $sql = "SELECT Count(*) FROM ".TB_PREF."supp_trans WHERE supplier_id='" 
-               . $_SESSION['supp_trans']->supplier_id . "' AND supp_reference='
-               . $_POST['supp_reference'] 
-               . "' AND ov_amount!=0"; // ignore voided invoice references
+       $sql = "SELECT Count(*) FROM ".TB_PREF."supp_trans WHERE supplier_id="
+               .db_escape($_SESSION['supp_trans']->supplier_id) . " AND supp_reference=
+               .db_escape( $_POST['supp_reference']) 
+               . " AND ov_amount!=0"; // ignore voided invoice references
 
        $result=db_query($sql,"The sql to check for the previous entry of the same invoice failed");