X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;ds=sidebyside;f=purchasing%2Finquiry%2Fsupplier_allocation_inquiry.php;h=1782ef075a495b3fb102901af348cbd9e9b9cdf2;hb=54d84ff9a67620ab38c676cdbcf87853632724f0;hp=55ab1678c676deb0b6142dd8a9f02664ea41f5e5;hpb=2829455fee1259fb5013f382309cb3e61e9381ef;p=fa-stable.git
diff --git a/purchasing/inquiry/supplier_allocation_inquiry.php b/purchasing/inquiry/supplier_allocation_inquiry.php
index 55ab1678..1782ef07 100644
--- a/purchasing/inquiry/supplier_allocation_inquiry.php
+++ b/purchasing/inquiry/supplier_allocation_inquiry.php
@@ -141,7 +141,7 @@ function fmt_credit($row)
 AND trans.tran_date >= '$date_after'
 AND trans.tran_date <= '$date_to'";
 if ($_POST['supplier_id'] != reserved_words::get_all())
- $sql .= " AND trans.supplier_id = '" . $_POST['supplier_id'] . "'";
+ $sql .= " AND trans.supplier_id = ".db_escape($_POST['supplier_id']);
 if (isset($_POST['filterType']) && $_POST['filterType'] != reserved_words::get_all())
 {
 if (($_POST['filterType'] == '1') || ($_POST['filterType'] == '2'))
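Review bot: The date bounds in the context lines just above the fix, `'$date_after'` and `'$date_to'`, are still interpolated straight into the same `$sql` string, so the query keeps relying on however those variables were produced, which is not visible in this hunk. If they derive from request fields, they should go through the same escaping as the supplier id, e.g. `AND trans.tran_date >= ".db_escape($date_after)."` and `AND trans.tran_date <= ".db_escape($date_to);`. This assumes `db_escape()` returns an already-quoted literal, which the new `supplier_id` line (surrounding quotes dropped) implies but does not show. The statement that builds `$sql` starts before the hunk, so any earlier interpolations need the same check.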