X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=inventory%2Fcost_update.php;h=e268f360dbdcdca8d6200bf88d087a57ab98b36d;hb=af78fbb535a6fedbc2eb70a26ddc39739be2b986;hp=ba8a39c79ac937cb05cc0786b75305b75f43058e;hpb=902f1015d874c33bd7946b17de2ad80b4f2144b6;p=fa-stable.git

diff --git a/inventory/cost_update.php b/inventory/cost_update.php
index ba8a39c7..e268f360 100644
--- a/inventory/cost_update.php
+++ b/inventory/cost_update.php
@@ -68,7 +68,7 @@ if (isset($_POST['UpdateData']))
 
         if ($update_no > 0)
         {
-    		display_note(get_gl_view_str(systypes::cost_update(), $update_no, _("View the GL Journal Entries for this Cost Update")), 0, 1);
+    		display_note(get_gl_view_str(ST_COSTUPDATE, $update_no, _("View the GL Journal Entries for this Cost Update")), 0, 1);
         }
    	}
 }
@@ -91,7 +91,7 @@ set_global_stock_item($_POST['stock_id']);
 $sql = "SELECT description, units, material_cost, labour_cost,
 	overhead_cost, mb_flag
 	FROM ".TB_PREF."stock_master
-	WHERE stock_id='" . $_POST['stock_id'] . "'
+	WHERE stock_id=".db_escape($_POST['stock_id']) . "
 	GROUP BY description, units, material_cost, labour_cost, overhead_cost, mb_flag";
 $result = db_query($sql);
 check_db_error("The cost details for the item could not be retrieved", $sql);