X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep105.php;h=4b6a086cc55b00166070f36d650eeac56d3425d0;hb=31966256a900343308ce287a246fe3a52e9a613c;hp=d4916ca8428ca7849173749af2ea9c1fa5a7cbda;hpb=80dd97a37f674cc3691fa04af4c29607067566b2;p=fa-stable.git

diff --git a/reporting/rep105.php b/reporting/rep105.php
index d4916ca8..4b6a086c 100644
--- a/reporting/rep105.php
+++ b/reporting/rep105.php
@@ -51,17 +51,17 @@ function GetSalesOrders($from, $to, $category=0, $location=null, $backorder=0)
             	INNER JOIN ".TB_PREF."sales_order_details
             	    ON (".TB_PREF."sales_orders.order_no = ".TB_PREF."sales_order_details.order_no
             	    AND ".TB_PREF."sales_orders.trans_type = ".TB_PREF."sales_order_details.trans_type
-            	    AND ".TB_PREF."sales_orders.trans_type = 30)
+            	    AND ".TB_PREF."sales_orders.trans_type = ".ST_SALESORDER.")
             	INNER JOIN ".TB_PREF."stock_master
             	    ON ".TB_PREF."sales_order_details.stk_code = ".TB_PREF."stock_master.stock_id
             WHERE ".TB_PREF."sales_orders.ord_date >='$fromdate'
                 AND ".TB_PREF."sales_orders.ord_date <='$todate'";
 	if ($category > 0)
-		$sql .= " AND ".TB_PREF."stock_master.category_id=$category";
+		$sql .= " AND ".TB_PREF."stock_master.category_id=".db_escape($category);
 	if ($location != null)
-		$sql .= " AND ".TB_PREF."sales_orders.from_stk_loc='$location'";
+		$sql .= " AND ".TB_PREF."sales_orders.from_stk_loc=".db_escape($location);
 	if ($backorder)
-		$sql .= "AND ".TB_PREF."sales_order_details.quantity - ".TB_PREF."sales_order_details.qty_sent > 0";
+		$sql .= " AND ".TB_PREF."sales_order_details.quantity - ".TB_PREF."sales_order_details.qty_sent > 0";
 	$sql .= " ORDER BY ".TB_PREF."sales_orders.order_no";
 
 	return db_query($sql, "Error getting order details");