X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fdb%2Fprinters_db.inc;h=28c98a56b4b5d56c190d7634e76daca481fb2f64;hb=9a4dbbda763486152d2e98485a7a2a699426141d;hp=f605f658aefe52b4a0c34209b643ec215f94a9fd;hpb=cf67cec296e611c30be010686a5ea96d730418b0;p=fa-stable.git

diff --git a/admin/db/printers_db.inc b/admin/db/printers_db.inc
index f605f658..28c98a56 100644
--- a/admin/db/printers_db.inc
+++ b/admin/db/printers_db.inc
@@ -15,13 +15,13 @@ function write_printer_def($id, $name, $descr, $queue, $host, $port, $timeout)
 	if ($id>0)
 		$sql = "UPDATE ".TB_PREF."printers SET description=".db_escape($descr)
 		.",name=".db_escape($name).",queue=".db_escape($queue)
-		.",host=".db_escape($host).",port='$port',timeout='$timeout' "
-		."WHERE id=$id";
+		.",host=".db_escape($host).",port=".db_escape($port).",timeout=".db_escape($timeout)
+		." WHERE id=".db_escape($id);
 	else 
 		$sql = "INSERT INTO ".TB_PREF."printers ("
 			."name,description,queue,host,port,timeout) "
 			."VALUES (".db_escape($name).",".db_escape($descr).","
-			.db_escape($queue).",".db_escape($host).",'$port','$timeout')";
+			.db_escape($queue).",".db_escape($host).",".db_escape($port).",".db_escape($timeout).")";
 
 	return db_query($sql,"could not write printer definition");
 }
@@ -35,12 +35,17 @@ function get_all_printers()
 function get_printer($id)
 {
 		$sql = "SELECT * FROM ".TB_PREF."printers
-			WHERE id=$id";
+			WHERE id=".db_escape($id);
 
 		$result = db_query($sql,"could not get printer definition");
 		return  db_fetch($result);
 }
 
+function delete_printer($id)
+{
+	$sql="DELETE FROM ".TB_PREF."printers WHERE id=".db_escape($id);
+	db_query($sql,"could not delete printer definition");
+}
 //============================================================================
 // printer profiles functions
 //
@@ -52,7 +57,7 @@ function update_printer_profile($name, $dest)
 			."(profile, report, printer) VALUES ("
 			.db_escape($name).","
 			.db_escape($rep).","
-			.db_escape($printer).")";
+			.db_escape($printer ? $printer: null, true).")";
 		} else {
 			$sql = "DELETE FROM ".TB_PREF."print_profiles WHERE ("
 				."report=" . db_escape($rep)
@@ -101,4 +106,3 @@ function get_print_profile($name)
 	return db_query($sql,"could not get printing profile");
 }
 
-?>
\ No newline at end of file