X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fdb%2Fcust_trans_details_db.inc;h=b44c1d5f12e41d4922e8a5c8cfa03c7efacf3a17;hb=01d4a724556d029a847a85befebb718278eaba6d;hp=ebe79a56461cfbf27a88c18a96d577791dbbaa97;hpb=0c1bcd8ce3c089d7ddb3722a097f8fc8417f41e6;p=fa-stable.git

diff --git a/sales/includes/db/cust_trans_details_db.inc b/sales/includes/db/cust_trans_details_db.inc
index ebe79a56..b44c1d5f 100644
--- a/sales/includes/db/cust_trans_details_db.inc
+++ b/sales/includes/db/cust_trans_details_db.inc
@@ -84,8 +84,8 @@ function write_customer_trans_detail_item($debtor_trans_type, $debtor_trans_no,
 {
 	if ($line_id!=0)
 		$sql = "UPDATE ".TB_PREF."debtor_trans_details SET
-			stock_id='$stock_id',
-			description='$description',
+			stock_id=".db_escape($stock_id).",
+			description=".db_escape($description).",
 			quantity=$quantity,
 			unit_price=$unit_price,
 			unit_tax=$unit_tax,
@@ -96,7 +96,8 @@ function write_customer_trans_detail_item($debtor_trans_type, $debtor_trans_no,
 			$sql = "INSERT INTO ".TB_PREF."debtor_trans_details (debtor_trans_no,
 				debtor_trans_type, stock_id, description, quantity, unit_price,
 				unit_tax, discount_percent, standard_cost)
-			VALUES ($debtor_trans_no, $debtor_trans_type, '$stock_id', '$description',
+			VALUES ($debtor_trans_no, $debtor_trans_type, ".db_escape($stock_id).
+			", ".db_escape($description).",
 				$quantity, $unit_price, $unit_tax, $discount_percent, $std_cost)";
 
 	db_query($sql, "The debtor transaction detail could not be written");