X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fcust_trans_details_db.inc;h=2656e54450c7177905a6da82034bfe4f41e1ba50;hb=5c2565db0b2a82da46c1b1d0aae0d08687436122;hp=86310ffaf0995bda3e2615cc56cd7f62c440bbcd;hpb=e29ab37ef51f39c200c3772e07eeceef0ce39214;p=fa-stable.git

diff --git a/sales/includes/db/cust_trans_details_db.inc b/sales/includes/db/cust_trans_details_db.inc
index 86310ffa..2656e544 100644
--- a/sales/includes/db/cust_trans_details_db.inc
+++ b/sales/includes/db/cust_trans_details_db.inc
@@ -25,7 +25,7 @@ if (!is_array($debtor_trans_no))
 
 	$tr=array();
 	foreach ($debtor_trans_no as $trans_no)
-		$tr[] = 'debtor_trans_no='.$trans_no;
+		$tr[] = 'debtor_trans_no='.db_escape($trans_no);
 
 	$sql .= implode(' OR ', $tr);
 
@@ -41,7 +41,7 @@ if (!is_array($debtor_trans_no))
 function void_customer_trans_details($type, $type_no)
 {
 	$sql = "UPDATE ".TB_PREF."debtor_trans_details SET quantity=0, unit_price=0,
-		unit_tax=0, discount_percent=0, standard_cost=0
+		unit_tax=0, discount_percent=0, standard_cost=0, src_id=0
 		WHERE debtor_trans_no=".db_escape($type_no)."
 		AND debtor_trans_type=".db_escape($type);
 
@@ -53,7 +53,7 @@ function void_customer_trans_details($type, $type_no)
 //----------------------------------------------------------------------------------------
 
 function write_customer_trans_detail_item($debtor_trans_type, $debtor_trans_no, $stock_id, $description,
-	$quantity, $unit_price, $unit_tax, $discount_percent, $std_cost, $line_id=0)
+	$quantity, $unit_price, $unit_tax, $discount_percent, $std_cost, $src_id, $line_id=0)
 {
 	if ($line_id!=0)
 		$sql = "UPDATE ".TB_PREF."debtor_trans_details SET
@@ -63,15 +63,17 @@ function write_customer_trans_detail_item($debtor_trans_type, $debtor_trans_no,
 			unit_price=$unit_price,
 			unit_tax=$unit_tax,
 			discount_percent=$discount_percent,
-			standard_cost=$std_cost WHERE
+			standard_cost=$std_cost,
+			src_id=".db_escape($src_id)." WHERE
 			id=".db_escape($line_id);
 	else
 			$sql = "INSERT INTO ".TB_PREF."debtor_trans_details (debtor_trans_no,
 				debtor_trans_type, stock_id, description, quantity, unit_price,
-				unit_tax, discount_percent, standard_cost)
+				unit_tax, discount_percent, standard_cost, src_id)
 			VALUES (".db_escape($debtor_trans_no).", ".db_escape($debtor_trans_type).", ".db_escape($stock_id).
 			", ".db_escape($description).",
-				$quantity, $unit_price, $unit_tax, $discount_percent, $std_cost)";
+				$quantity, $unit_price, $unit_tax, 
+				$discount_percent, $std_cost,".db_escape($src_id).")";
 
 	db_query($sql, "The debtor transaction detail could not be written");
 }