X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fcredit_status_db.inc;h=c80cdc906fdf1fe0a96b1f3b71496951a35c3e1b;hb=353d11608f0663039d84c33c38c5e77a1c76c926;hp=0bcabe7071ce823399d5d54015f8134f9aa38204;hpb=5928cc0bb4164cfd1dfc77f279f6b12d7806294f;p=fa-stable.git
diff --git a/sales/includes/db/credit_status_db.inc b/sales/includes/db/credit_status_db.inc
index 0bcabe70..c80cdc90 100644
--- a/sales/includes/db/credit_status_db.inc
+++ b/sales/includes/db/credit_status_db.inc
@@ -1,42 +1,51 @@ . +***********************************************************************/ function add_credit_status($description, $disallow_invoicing) { $sql = "INSERT INTO ".TB_PREF."credit_status (reason_description, dissallow_invoices) - VALUES (".db_escape($description).",$disallow_invoicing)"; - - db_query($sql, "could not add credit status"); + VALUES (".db_escape($description).",".db_escape($disallow_invoicing).")"; + + db_query($sql, "could not add credit status"); } function update_credit_status($status_id, $description, $disallow_invoicing) { $sql = "UPDATE ".TB_PREF."credit_status SET reason_description=".db_escape($description).", - dissallow_invoices=$disallow_invoicing WHERE id=$status_id"; - - db_query($sql, "could not update credit status"); + dissallow_invoices=".db_escape($disallow_invoicing)." WHERE id=".db_escape($status_id); + + db_query($sql, "could not update credit status"); } -function get_all_credit_status() +function get_all_credit_status($all=false) { $sql = "SELECT * FROM ".TB_PREF."credit_status"; - + if (!$all) $sql .= " WHERE !inactive"; + return db_query($sql, "could not get all credit status"); -} +} function get_credit_status($status_id) { - $sql = "SELECT * FROM ".TB_PREF."credit_status WHERE id=$status_id"; - + $sql = "SELECT * FROM ".TB_PREF."credit_status WHERE id=".db_escape($status_id); + $result = db_query($sql, "could not get credit status"); - + return db_fetch($result); } function delete_credit_status($status_id) { - $sql="DELETE FROM ".TB_PREF."credit_status WHERE id=$status_id"; - - db_query($sql, "could not delete credit status"); + $sql="DELETE FROM ".TB_PREF."credit_status WHERE id=".db_escape($status_id); + + db_query($sql, "could not delete credit status"); } -?> \ No newline at end of file
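Review bot: `$status_id` and `$disallow_invoicing` are numeric fields, yet the new statements in `update_credit_status`, `get_credit_status`, `delete_credit_status` and the flag in `add_credit_status` rely entirely on `db_escape()` returning a quoted literal. Escaping without surrounding quotes does not neutralise input in a numeric SQL context, and `db_escape()` is defined outside this diff, so its handling of non-string or empty values cannot be confirmed from here. Normalising the type at the top of each function keeps the queries safe whatever the helper does, e.g. `$status_id = (int)$status_id;` and `$disallow_invoicing = $disallow_invoicing ? 1 : 0;` ahead of the existing `db_escape()` calls. Separately, `get_all_credit_status()` now hides inactive rows unless `$all` is true, which is a silent change for existing callers. A comment such as `// $all = true also returns rows flagged inactive` would document that, and `WHERE inactive = 0` is clearer than the MySQL-specific `!inactive`.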