X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=purchasing%2Fsupplier_credit.php;h=c20abbcd38d7b56cbda1c49f16abc4be4af0d8c9;hb=510d6e1925c4d1621ae3efd85e117cc9bb4320f0;hp=25c24e3b0afdf31771954d07b0ede86581ad817f;hpb=80dd97a37f674cc3691fa04af4c29607067566b2;p=fa-stable.git

diff --git a/purchasing/supplier_credit.php b/purchasing/supplier_credit.php
index 25c24e3b..c20abbcd 100644
--- a/purchasing/supplier_credit.php
+++ b/purchasing/supplier_credit.php
@@ -36,7 +36,7 @@ check_db_has_suppliers(_("There are no suppliers defined in the system."));
 if (isset($_GET['AddedID'])) 
 {
 	$invoice_no = $_GET['AddedID'];
-	$trans_type = 21;
+	$trans_type = ST_SUPPCREDIT;
 
 
     echo "<center>";
@@ -97,7 +97,7 @@ if (isset($_POST['AddGLCodeToTrans'])){
 	$Ajax->activate('gl_items');
 	$input_error = false;
 
-	$sql = "SELECT account_code, account_name FROM ".TB_PREF."chart_master WHERE account_code='" . $_POST['gl_code'] . "'";
+	$sql = "SELECT account_code, account_name FROM ".TB_PREF."chart_master WHERE account_code=".db_escape($_POST['gl_code']);
 	$result = db_query($sql,"get account information");
 	if (db_num_rows($result) == 0)
 	{
@@ -153,7 +153,7 @@ function check_data()
 		return false;
 	}
 
-	if (!is_new_reference($_SESSION['supp_trans']->reference, 21)) 
+	if (!is_new_reference($_SESSION['supp_trans']->reference, ST_SUPPCREDIT)) 
 	{
 		display_error(_("The entered reference is already in use."));
 		set_focus('reference');