X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=inventory%2Fincludes%2Fdb%2Fitems_db.inc;h=b4666edbd184063ac21d8793c176664e1fe183ac;hb=1466764d49233238c6097c95341875be552d7487;hp=de6ce056ccd7376d6594a92a74e283f2c459e6fa;hpb=46c5f7a65a7659a44ae8254c63152074363d3987;p=fa-stable.git

diff --git a/inventory/includes/db/items_db.inc b/inventory/includes/db/items_db.inc
index de6ce056..b4666edb 100644
--- a/inventory/includes/db/items_db.inc
+++ b/inventory/includes/db/items_db.inc
@@ -29,10 +29,10 @@ function update_item($stock_id, $description, $long_description, $category_id,
 		editable=".db_escape($editable);
 
 	if ($units != '')
-		$sql .= ", units='$units'";
+		$sql .= ", units=".db_escape($units);
 
 	if ($mb_flag != '')
-		$sql .= ", mb_flag='$mb_flag'";
+		$sql .= ", mb_flag=".db_escape($mb_flag);
 
 	$sql .= " WHERE stock_id=".db_escape($stock_id);
 
@@ -158,4 +158,4 @@ function item_in_foreign_codes($stock_id)
 	}
 	return $msg;
 }
-?>
\ No newline at end of file
+?>