X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fui%2Fui_lists.inc;h=d2be5fab97aec7eebcf1a62c3218e4d348e14f2a;hb=063c5f22068dbbd6adccacaf5bd0f66b2eda8e4f;hp=d83a4703bc3bbea540a966230f086413135b8aba;hpb=05d1e1fc65fe68645b540e06884db0e9f24b1a21;p=fa-stable.git diff --git a/includes/ui/ui_lists.inc b/includes/ui/ui_lists.inc index d83a4703..d2be5fab 100644 --- a/includes/ui/ui_lists.inc +++ b/includes/ui/ui_lists.inc @@ -419,8 +419,10 @@ function _format_add_curr($row) function add_edit_combo($type) { - global $path_to_root, $popup_editors; + global $path_to_root, $popup_editors, $use_icon_for_editkey; + if (!isset($use_icon_for_editkey) || $use_icon_for_editkey==0) + return ""; // Derive theme path $theme_path = $path_to_root . '/themes/' . user_theme(); @@ -707,7 +709,7 @@ $options = array( if (!$showclosed) $options['where'][] = "closed=0"; if($showtype) - $options['where'][] = "type_=$showtype"; + $options['where'][] = "type_=".db_escape($showtype); return combo_input($name, $selected_id, $sql, 'id', 'ref', $options); } @@ -887,7 +889,7 @@ function stock_component_items_list($name, $parent_stock_id, $selected_id=null, $all_option=false, $submit_on_change=false, $editkey = false) { return stock_items_list($name, $selected_id, $all_option, $submit_on_change, - array('where'=>array("stock_id != '$parent_stock_id'")), $editkey); + array('where'=>array("stock_id != ".db_escape($parent_stock_id))), $editkey); } function stock_component_items_list_cells($label, $name, $parent_stock_id, @@ -896,7 +898,7 @@ function stock_component_items_list_cells($label, $name, $parent_stock_id, if ($label != null) echo "