X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=reporting%2Frep209.php;h=e8278e60e13036c644e5742654c61c983c4b0a79;hb=31966256a900343308ce287a246fe3a52e9a613c;hp=785420c9218cd7223133f931bf517b139942c0b8;hpb=28e7dac267b65d8163ca41c452c42706d0ffb2dd;p=fa-stable.git diff --git a/reporting/rep209.php b/reporting/rep209.php index 785420c9..e8278e60 100644 --- a/reporting/rep209.php +++ b/reporting/rep209.php @@ -37,7 +37,7 @@ function get_po($order_no) FROM ".TB_PREF."purch_orders, ".TB_PREF."suppliers, ".TB_PREF."locations WHERE ".TB_PREF."purch_orders.supplier_id = ".TB_PREF."suppliers.supplier_id AND ".TB_PREF."locations.loc_code = into_stock_location - AND ".TB_PREF."purch_orders.order_no = " . $order_no; + AND ".TB_PREF."purch_orders.order_no = ".db_escape($order_no); $result = db_query($sql, "The order cannot be retrieved"); return db_fetch($result); } @@ -48,7 +48,7 @@ function get_po_details($order_no) FROM ".TB_PREF."purch_order_details LEFT JOIN ".TB_PREF."stock_master ON ".TB_PREF."purch_order_details.item_code=".TB_PREF."stock_master.stock_id - WHERE order_no =$order_no "; + WHERE order_no =".db_escape($order_no)." "; $sql .= " ORDER BY po_detail_item"; return db_query($sql, "Retreive order Line Items"); } @@ -105,7 +105,7 @@ function print_po() } else $rep->title = _('PURCHASE ORDER'); - $rep->Header2($myrow, null, $myrow, $baccount, 8); + $rep->Header2($myrow, null, $myrow, $baccount, ST_PURCHORDER); $result = get_po_details($i); $SubTotal = 0; @@ -139,7 +139,7 @@ function print_po() $rep->TextCol(6, 7, $DisplayNet, -2); $rep->NewLine(1); if ($rep->row < $rep->bottomMargin + (15 * $rep->lineHeight)) - $rep->Header2($myrow, $branch, $myrow, $baccount, 8); + $rep->Header2($myrow, $branch, $myrow, $baccount, ST_PURCHORDER); } if ($myrow['comments'] != "") { @@ -150,7 +150,7 @@ function print_po() $rep->row = $rep->bottomMargin + (15 * $rep->lineHeight); $linetype = true; - $doctype = 8; + $doctype = ST_PURCHORDER; if ($rep->currency != $myrow['curr_code']) { include($path_to_root . "/reporting/includes/doctext2.inc");