X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=dimensions%2Fincludes%2Fdimensions_db.inc;h=d0299b668b740906efa69d4dd3f3107fab557ba6;hb=c7a295ba3be4ec3403b767f2e2bf19014a5ebc28;hp=a66ca53873e7f6de20abca06a1a458b1327da1c5;hpb=da8311619dd73feae101d246a1957b972e00cbd2;p=fa-stable.git

diff --git a/dimensions/includes/dimensions_db.inc b/dimensions/includes/dimensions_db.inc
index a66ca538..d0299b66 100644
--- a/dimensions/includes/dimensions_db.inc
+++ b/dimensions/includes/dimensions_db.inc
@@ -8,15 +8,13 @@ function add_dimension($reference, $name, $type_, $date_, $due_date, $memo_)
 	$duedate = date2sql($due_date);
 
 	$sql = "INSERT INTO ".TB_PREF."dimensions (reference, name, type_, date_, due_date)
-		VALUES ('$reference', '$name', $type_, '$date', '$duedate')";
+		VALUES (".db_escape($reference).", ".db_escape($name).", $type_, '$date', '$duedate')";
 	db_query($sql, "could not add dimension");
 
 	$id = db_insert_id();
 
 	add_comments(systypes::dimension(), $id, $date_, $memo_);
 
-	add_forms_for_sys_type(systypes::dimension(), $id);
-
 	references::save_last($reference, systypes::dimension());
 
 	commit_transaction();
@@ -31,7 +29,7 @@ function update_dimension($id, $name, $type_, $date_, $due_date, $memo_)
 	$date = date2sql($date_);
 	$duedate = date2sql($due_date);
 
-	$sql = "UPDATE ".TB_PREF."dimensions SET name='$name',
+	$sql = "UPDATE ".TB_PREF."dimensions SET name=".db_escape($name).",
 		type_ = $type_,
 		date_='$date',
 		due_date='$duedate'
@@ -56,8 +54,6 @@ function delete_dimension($id)
 
 	delete_comments(systypes::dimension(), $id);
 
-	delete_forms_for_systype(systypes::dimension(), $id);
-
 	commit_transaction();
 }
 
@@ -83,15 +79,15 @@ function get_dimension_string($id, $html=false, $space=' ')
 	{
 		if ($html)
 			$dim = " ";
-		else	
+		else
 			$dim = "";
-	}		
+	}
 	else
 	{
 		$row = get_dimension($id, true);
 		$dim = $row['reference'] . $space . $row['name'];
 	}
-	
+
 	return $dim;
 }