X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=gl%2Fincludes%2Fdb%2Fgl_db_currencies.inc;h=a4d7e2d463b7d67966621d59cd4d4b31a19bcc3b;hb=c09be0dad6b05131e240349a375af7a4b7bf3444;hp=8c9ad97924b16ce0457b8a04eacd4e53a3d7dbe5;hpb=089cd98e0008223e0418389a0f3cdd4b7e7f5bac;p=fa-stable.git diff --git a/gl/includes/db/gl_db_currencies.inc b/gl/includes/db/gl_db_currencies.inc index 8c9ad979..a4d7e2d4 100644 --- a/gl/includes/db/gl_db_currencies.inc +++ b/gl/includes/db/gl_db_currencies.inc @@ -4,9 +4,9 @@ function update_currency($curr_abrev, $symbol, $currency, $country, $hundreds_name) { - $sql = "UPDATE ".TB_PREF."currencies SET currency='$currency', curr_symbol='$symbol', - country='$country', hundreds_name='$hundreds_name' WHERE curr_abrev = '$curr_abrev'"; - + $sql = "UPDATE ".TB_PREF."currencies SET currency=".db_escape($currency).", curr_symbol='$symbol', + country=".db_escape($country).", hundreds_name=".db_escape($hundreds_name)." WHERE curr_abrev = '$curr_abrev'"; + db_query($sql, "could not update currency for $curr_abrev"); } @@ -14,9 +14,9 @@ function update_currency($curr_abrev, $symbol, $currency, $country, $hundreds_na function add_currency($curr_abrev, $symbol, $currency, $country, $hundreds_name) { - $sql = "INSERT INTO ".TB_PREF."currencies (curr_abrev, curr_symbol, currency, country, hundreds_name) - VALUES ('$curr_abrev', '$symbol', '$currency', '$country', '$hundreds_name')"; - + $sql = "INSERT INTO ".TB_PREF."currencies (curr_abrev, curr_symbol, currency, country, hundreds_name) + VALUES (".db_escape($curr_abrev).", '$symbol', ".db_escape($currency).", ".db_escape($country).", ".db_escape($hundreds_name).")"; + db_query($sql, "could not add currency for $curr_abrev"); } @@ -26,7 +26,7 @@ function delete_currency($curr_code) { $sql="DELETE FROM ".TB_PREF."currencies WHERE curr_abrev='$curr_code'"; db_query($sql, "could not delete currency $curr_code"); - + $sql="DELETE FROM ".TB_PREF."exchange_rates WHERE curr_code='$curr_code'"; db_query($sql, "could not delete exchange rates for currency $curr_code"); } @@ -35,18 +35,18 @@ function delete_currency($curr_code) function get_currency($curr_code) { - $sql = "SELECT * FROM ".TB_PREF."currencies WHERE curr_abrev='$curr_code'"; + $sql = "SELECT * FROM ".TB_PREF."currencies WHERE curr_abrev='$curr_code'"; $result = db_query($sql, "could not get currency $curr_code"); - + $row = db_fetch($result); - return $row; + return $row; } //--------------------------------------------------------------------------------------------- function get_currencies() { - $sql = "SELECT * FROM ".TB_PREF."currencies"; + $sql = "SELECT * FROM ".TB_PREF."currencies"; return db_query($sql, "could not get currencies"); }