Added cancel edition hotkey

[fa-stable.git] / taxes / db / tax_types_db.inc

diff --git a/taxes/db/tax_types_db.inc b/taxes/db/tax_types_db.inc
index 029cad160e6e6c6c41c5c444a7d121ce0e2ff316..97a623290a272e0360390e4fe4895c666c65e8eb 100644 (file)
--- a/taxes/db/tax_types_db.inc
+++ b/taxes/db/tax_types_db.inc
@@ -1,18 +1,28 @@
 <?php
-
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+       Released under the terms of the GNU General Public License, GPL, 
+       as published by the Free Software Foundation, either version 3 
+       of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
 function add_tax_type($name, $sales_gl_code, $purchasing_gl_code, $rate)
 {
        $sql = "INSERT INTO ".TB_PREF."tax_types (name, sales_gl_code, purchasing_gl_code, rate)
-               VALUES ('$name', '$sales_gl_code', '$purchasing_gl_code', $rate)";
+               VALUES (".db_escape($name).", ".db_escape($sales_gl_code)
+               .", ".db_escape($purchasing_gl_code).", $rate)";
 
        db_query($sql, "could not add tax type");
 }
 
 function update_tax_type($type_id, $name, $sales_gl_code, $purchasing_gl_code, $rate)
 {
-       $sql = "UPDATE ".TB_PREF."tax_types SET name='$name',
-               sales_gl_code='$sales_gl_code',
-               purchasing_gl_code='$purchasing_gl_code',
+       $sql = "UPDATE ".TB_PREF."tax_types SET name=".db_escape($name).",
+               sales_gl_code=".db_escape($sales_gl_code).",
+               purchasing_gl_code=".db_escape($purchasing_gl_code).",
                rate=$rate
                WHERE id=$type_id";