X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=inventory%2Fincludes%2Fdb%2Fitems_db.inc;h=ed69376ef00d79101c95f3367ee187dd7b705823;hb=8ffddf50ffbe93672c769e2cf0501d0f9125e2a0;hp=60bac30061679dae94b8c90eb2a5b28d263fe265;hpb=264c09696d65efe4532c197f317162daf8c24f32;p=fa-stable.git

diff --git a/inventory/includes/db/items_db.inc b/inventory/includes/db/items_db.inc
index 60bac300..ed69376e 100644
--- a/inventory/includes/db/items_db.inc
+++ b/inventory/includes/db/items_db.inc
@@ -30,10 +30,10 @@ function update_item($stock_id, $description, $long_description, $category_id,
 		editable=".db_escape($editable);
 
 	if ($units != '')
-		$sql .= ", units='$units'";
+		$sql .= ", units=".db_escape($units);
 
 	if ($mb_flag != '')
-		$sql .= ", mb_flag='$mb_flag'";
+		$sql .= ", mb_flag=".db_escape($mb_flag);
 
 	$sql .= " WHERE stock_id=".db_escape($stock_id);
 
@@ -49,7 +49,7 @@ function add_item($stock_id, $description, $long_description, $category_id,
 {
 	$sql = "INSERT INTO ".TB_PREF."stock_master (stock_id, description, long_description, category_id,
 		tax_type_id, units, mb_flag, sales_account, inventory_account, cogs_account,
-		adjustment_account, assembly_account, dimension_id, dimension2_id, no_sale, editable)
+		adjustment_account, assembly_account, dimension_id, dimension2_id, no_sale, no_purchase, editable)
 		VALUES (".db_escape($stock_id).", ".db_escape($description).", ".db_escape($long_description).",
 		".db_escape($category_id).", ".db_escape($tax_type_id).", "
 		.db_escape($units).", ".db_escape($mb_flag).",
@@ -160,4 +160,3 @@ function item_in_foreign_codes($stock_id)
 	}
 	return $msg;
 }
-?>
\ No newline at end of file