X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep203.php;h=27eef02b5dd538a10c2975d8f47bdf98dbe7b6e0;hb=31966256a900343308ce287a246fe3a52e9a613c;hp=91fdfde62b5356cc9f1a287ef13532ecf0a132b2;hpb=ddadb47f2620ce6902ad4694ce6512568862ba05;p=fa-stable.git

diff --git a/reporting/rep203.php b/reporting/rep203.php
index 91fdfde6..27eef02b 100644
--- a/reporting/rep203.php
+++ b/reporting/rep203.php
@@ -104,7 +104,7 @@ function print_payment_report()
 	$sql = "SELECT supplier_id, supp_name AS name, curr_code, ".TB_PREF."payment_terms.terms FROM ".TB_PREF."suppliers, ".TB_PREF."payment_terms
 		WHERE ";
 	if ($fromsupp != ALL_NUMERIC)
-		$sql .= "supplier_id=$fromsupp AND ";
+		$sql .= "supplier_id=".db_escape($fromsupp)." AND ";
 	$sql .= "".TB_PREF."suppliers.payment_terms = ".TB_PREF."payment_terms.terms_indicator
 		ORDER BY supp_name";
 	$result = db_query($sql, "The customers could not be retrieved");