X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=sales%2Fincludes%2Fsales_db.inc;h=e9410251065c33cf4a966ad902055fdcd00711d7;hb=9a98bb3bc7a94f1a8e47f8dab45a87c8b4212080;hp=260ba9b10b961c27c5740ccb74fb1d663bd847a6;hpb=8412d487438a78c7206cbe84ae055d169ba65af4;p=fa-stable.git diff --git a/sales/includes/sales_db.inc b/sales/includes/sales_db.inc index 260ba9b1..e9410251 100644 --- a/sales/includes/sales_db.inc +++ b/sales/includes/sales_db.inc @@ -201,18 +201,20 @@ function update_parent_line($doc_type, $line_id, $qty_dispatched, $auto=false) { $doc_type = get_parent_type($doc_type); + $qty_dispatched = (float)$qty_dispatched; + // echo "update line: $line_id, $doc_type, $qty_dispatched"; - if ($doc_type==0) + if ($doc_type == 0) return false; else { - if ($doc_type==ST_SALESORDER) + if ($doc_type==ST_SALESORDER || $doc_type==ST_SALESQUOTE) { $sql = "UPDATE ".TB_PREF."sales_order_details SET qty_sent = qty_sent + $qty_dispatched"; if ($auto) $sql .= ", quantity = quantity + $qty_dispatched"; $sql .= " WHERE id=".db_escape($line_id); - } + } else $sql = "UPDATE ".TB_PREF."debtor_trans_details SET qty_done = qty_done + $qty_dispatched @@ -317,10 +319,13 @@ function get_sales_child_lines($trans_type, $trans_no, $lines=true) if (!is_array($trans_no)) { $trans_no = array($trans_no); } - + $par_tbl = $trans_type == ST_SALESORDER ? "sales_order_details" : "debtor_trans_details"; $par_no = $trans_type == ST_SALESORDER ? "trans.order_no" : "trans.debtor_trans_no"; + foreach($trans_no as $n => $trans) { + $trans_no[$n] = db_escape($trans); + } $sql = "SELECT child.* FROM ".TB_PREF."debtor_trans_details child @@ -361,7 +366,8 @@ function get_sales_parent_lines($trans_type, $trans_no, $lines=true) LEFT JOIN ".TB_PREF."debtor_trans_details trans ON trans.src_id=parent.id WHERE - trans.debtor_trans_type=$trans_type AND trans.debtor_trans_no=$trans_no"; + trans.debtor_trans_type=".db_escape($trans_type) + ." AND trans.debtor_trans_no=".db_escape($trans_no); if (!$lines) $sql .= " GROUP BY $par_no";