X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=gl%2Fmanage%2Fcurrencies.php;h=9bf6a9cd9c6e6db2e4234e70fcc6926c49423826;hb=fbdfe3f3da62ecf86e3ad978b89efbb6c317a47a;hp=4d5bf91892f1dc1557fb2b05b0c1345991c03f6c;hpb=a1e0df1ef259550f26bc150cf912fd518c7344e3;p=fa-stable.git

diff --git a/gl/manage/currencies.php b/gl/manage/currencies.php
index 4d5bf918..9bf6a9cd 100644
--- a/gl/manage/currencies.php
+++ b/gl/manage/currencies.php
@@ -9,11 +9,11 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
-$page_security = 9;
-$path_to_root="../..";
+$page_security = 'SA_CURRENCY';
+$path_to_root = "../..";
 include_once($path_to_root . "/includes/session.inc");
 
-page(_("Currencies"));
+page(_($help_context = "Currencies"));
 
 include_once($path_to_root . "/includes/ui.inc");
 include_once($path_to_root . "/includes/banking.inc");
@@ -86,8 +86,10 @@ function check_can_delete()
 		
 	if ($selected_id == "")
 		return false;
+	$curr = db_escape($selected_id);
+
 	// PREVENT DELETES IF DEPENDENT RECORDS IN debtors_master
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."debtors_master WHERE curr_code = '$selected_id'";
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."debtors_master WHERE curr_code = $curr";
 	$result = db_query($sql);
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0) 
@@ -96,7 +98,7 @@ function check_can_delete()
 		return false;
 	}
 
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."suppliers WHERE curr_code = '$selected_id'";
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."suppliers WHERE curr_code = $curr";
 	$result = db_query($sql);
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0) 
@@ -105,7 +107,7 @@ function check_can_delete()
 		return false;
 	}
 		
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."company WHERE curr_default = '$selected_id'";
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."company WHERE curr_default = $curr";
 	$result = db_query($sql);
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0) 
@@ -115,7 +117,7 @@ function check_can_delete()
 	}
 	
 	// see if there are any bank accounts that use this currency
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."bank_accounts WHERE bank_curr_code = '$selected_id'";
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."bank_accounts WHERE bank_curr_code = $curr";
 	$result = db_query($sql);
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0)