X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;ds=inline;f=reporting%2Frep202.php;h=3f68bb5adcbe094115247a67361dd382baeef146;hb=8ea6c4dd0d9b31b3456d012b0c94339b801bee0c;hp=97156dc513ccc06ec51dd6e78f77230421b8096b;hpb=3ff9ed87cb909f19c8fe3e7dfda5df79d0c01a6c;p=fa-stable.git

diff --git a/reporting/rep202.php b/reporting/rep202.php
index 97156dc5..3f68bb5a 100644
--- a/reporting/rep202.php
+++ b/reporting/rep202.php
@@ -137,10 +137,10 @@ function print_aged_supplier_analysis()
 	$pastdue1 = $PastDueDays1 + 1 . "-" . $PastDueDays2 . " " . _('Days');
 	$pastdue2 = _('Over') . " " . $PastDueDays2 . " " . _('Days');
 
-	$sql = "SELECT supplier_id, supp_name AS name, curr_code FROM ".TB_PREF."suppliers ";
+	$sql = "SELECT supplier_id, supp_name AS name, curr_code FROM ".TB_PREF."suppliers";
 	if ($fromsupp != ALL_NUMERIC)
-		$sql .= "WHERE supplier_id=$fromsupp ";
-	$sql .= "ORDER BY supp_name";
+		$sql .= " WHERE supplier_id=".db_escape($fromsupp);
+	$sql .= " ORDER BY supp_name";
 	$result = db_query($sql, "The suppliers could not be retrieved");
 
 	while ($myrow=db_fetch($result))