Removed many global variables from config.default.php to GL Setup, Company Setup...

[fa-stable.git] / sales / includes / db / cust_trans_details_db.inc

diff --git a/sales/includes/db/cust_trans_details_db.inc b/sales/includes/db/cust_trans_details_db.inc
index 4300e94bed65ae836b7b7aa091b2d738e156993a..9296a04cb028affccf837a62aac6118eb80a56d5 100644 (file)
--- a/sales/includes/db/cust_trans_details_db.inc
+++ b/sales/includes/db/cust_trans_details_db.inc
@@ -19,13 +19,13 @@ if (!is_array($debtor_trans_no))
        $sql = "SELECT ".TB_PREF."debtor_trans_details.*,
                ".TB_PREF."debtor_trans_details.unit_price+".TB_PREF."debtor_trans_details.unit_tax AS FullUnitPrice,
                ".TB_PREF."debtor_trans_details.description As StockDescription,
-               ".TB_PREF."stock_master.units
-               FROM ".TB_PREF."debtor_trans_details,".TB_PREF."stock_master
+               ".TB_PREF."stock_master.units, ".TB_PREF."stock_master.mb_flag
+               FROM ".TB_PREF."debtor_trans_details, ".TB_PREF."stock_master
                WHERE (";
 
        $tr=array();
        foreach ($debtor_trans_no as $trans_no)
-               $tr[] = 'debtor_trans_no='.$trans_no;
+               $tr[] = 'debtor_trans_no='.db_escape($trans_no);
 
        $sql .= implode(' OR ', $tr);