X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fdb%2Freferences_db.inc;h=ca086541bb55ce019c778e1ab48a8eb16a7e346d;hb=66a62190f99d83f958bb98195b5756b8b307e378;hp=16d599e0cc8fce132c28f7dd2f447edce9845e96;hpb=4098636a10a25952a38e1b0c8f6e80dff44ae4e7;p=fa-stable.git

diff --git a/includes/db/references_db.inc b/includes/db/references_db.inc
index 16d599e0..ca086541 100644
--- a/includes/db/references_db.inc
+++ b/includes/db/references_db.inc
@@ -13,7 +13,7 @@
 
 function get_reference($type, $id)
 {
-	$sql = "SELECT * FROM ".TB_PREF."refs WHERE type=$type AND id=$id";
+	$sql = "SELECT * FROM ".TB_PREF."refs WHERE type=".db_escape($type)." AND id=".db_escape($id);
 
 	$result = db_query($sql, "could not query reference table");
     $row = db_fetch($result);
@@ -21,20 +21,19 @@ function get_reference($type, $id)
 }
 
 //--------------------------------------------------------------------------------------------------
-
-function add_reference($type, $id, $reference)
+ 
+function update_reference($type, $id, $reference)
 {
-	$sql = "INSERT INTO ".TB_PREF."refs (type, id, reference)
-		VALUES ($type, $id, " . db_escape(trim($reference)) . ")";
-
-	db_query($sql, "could not add reference entry");
+    $sql = "REPLACE ".TB_PREF."refs SET reference=".db_escape($reference)
+			.", type=".db_escape($type).", id=".db_escape($id);
+    db_query($sql, "could not update reference entry");
 }
 
 //--------------------------------------------------------------------------------------------------
 
 function delete_reference($type, $id)
 {
-	$sql = "DELETE FROM ".TB_PREF."refs WHERE type=$type AND id=$id";
+	$sql = "DELETE FROM ".TB_PREF."refs WHERE type=".db_escape($type)." AND id=".db_escape($id);
 
 	return db_query($sql, "could not delete from reference table");
 }
@@ -43,7 +42,12 @@ function delete_reference($type, $id)
 
 function find_reference($type, $reference)
 {
-	$sql = "SELECT id FROM ".TB_PREF."refs WHERE type=$type AND reference='$reference'";
+	// ignore refs references for voided transactions
+	$sql = "SELECT r.id FROM ".TB_PREF."refs r LEFT JOIN ".TB_PREF."voided v ON"
+		." r.type=v.type AND r.id=v.id"
+		." WHERE r.type=".db_escape($type)
+		." AND reference=".db_escape($reference)
+		." AND ISNULL(`memo_`)";
 
 	$result = db_query($sql, "could not query reference table");
 
@@ -54,7 +58,8 @@ function find_reference($type, $reference)
 
 function save_next_reference($type, $reference)
 {
-    $sql = "UPDATE ".TB_PREF."sys_types SET next_reference=" . db_escape(trim($reference)) . " WHERE type_id = $type";
+    $sql = "UPDATE ".TB_PREF."sys_types SET next_reference=" . db_escape(trim($reference)) 
+		. " WHERE type_id = ".db_escape($type);
 
 	db_query($sql, "The next transaction ref for $type could not be updated");
 }
@@ -63,7 +68,7 @@ function save_next_reference($type, $reference)
 
 function get_next_reference($type)
 {
-    $sql = "SELECT next_reference FROM ".TB_PREF."sys_types WHERE type_id = $type";
+    $sql = "SELECT next_reference FROM ".TB_PREF."sys_types WHERE type_id = ".db_escape($type);
 
     $result = db_query($sql,"The last transaction ref for $type could not be retreived");