X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=purchasing%2Fincludes%2Fdb%2Fsupp_trans_db.inc;h=b38e787ab03eea1683779edddc0d88cf1ff3cdc6;hb=171074993d8f6768cde0626697abd6b4eab732a6;hp=6526093b2ff26bf13fccd7e741dbebab478d0b6d;hpb=da8311619dd73feae101d246a1957b972e00cbd2;p=fa-stable.git

diff --git a/purchasing/includes/db/supp_trans_db.inc b/purchasing/includes/db/supp_trans_db.inc
index 6526093b..b38e787a 100644
--- a/purchasing/includes/db/supp_trans_db.inc
+++ b/purchasing/includes/db/supp_trans_db.inc
@@ -17,7 +17,7 @@ function add_supp_trans($type, $supplier_id, $date_, $due_date, $reference, $sup
 	$sql = "INSERT INTO ".TB_PREF."supp_trans (trans_no, type, supplier_id, tran_date, due_date, 
 		reference, supp_reference, ov_amount, ov_gst, rate, ov_discount) ";
 	$sql .= "VALUES ($trans_no, $type, $supplier_id, '$date', '$due_date',
-		'$reference', '$supp_reference', $amount, $amount_tax, $rate, $discount)";
+		".db_escape($reference).", ".db_escape($supp_reference).", $amount, $amount_tax, $rate, $discount)";
 	
 	if ($err_msg == "")
 		$err_msg = "Cannot insert a supplier transaction record";