AND trans.tran_date <= '$date_to'";
if ($_POST['customer_id'] != ALL_TEXT)
- $sql .= " AND trans.debtor_no = '" . $_POST['customer_id'] . "'";
+ $sql .= " AND trans.debtor_no = ".db_escape($_POST['customer_id']);
if (isset($_POST['filterType']) && $_POST['filterType'] != ALL_TEXT)
{
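Review bot: The date bound on the first line of this hunk is still interpolated into the query as `'$date_to'`, while the customer filter two lines below it now goes through `db_escape()`. The assignment of `$date_to` is outside the hunk, so if it is taken from request data without being normalised to a SQL date, this clause remains string-built SQL; building it as `" AND trans.tran_date <= ".db_escape($date_to)` would treat both filters the same way. The new customer line also drops the surrounding quotes, so it relies on `db_escape()` returning an already-quoted literal, which deserves a short comment such as `// db_escape() returns the value escaped and quoted`. The `filterType` branch that opens on the last line continues outside the hunk and should be checked for the same pattern.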
$table =& new_db_pager('doc_tbl', $sql, $cols);
$table->set_marker('check_overdue', _("Marked items are overdue."));
-if (get_post('RefreshInquiry')) {
- $table->set_sql($sql);
- $table->set_columns($cols);
-}
$table->width = "80%";
start_form();