X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=taxes%2Fdb%2Ftax_groups_db.inc;h=df48e0a1793d3b6a370825df7c7f4aaa0535cb8a;hb=4a66afcbed7fb883d00c1a6a807497ccfd181378;hp=10f0f5cfce9ecf124e6477fcf862ac4223cd79db;hpb=a5bdb4cb5a7b4ed58ac02192b5cf814f99f1a6b7;p=fa-stable.git

diff --git a/taxes/db/tax_groups_db.inc b/taxes/db/tax_groups_db.inc
index 10f0f5cf..df48e0a1 100644
--- a/taxes/db/tax_groups_db.inc
+++ b/taxes/db/tax_groups_db.inc
@@ -1,5 +1,14 @@
 <?php
-
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License, GPL, 
+	as published by the Free Software Foundation, either version 3 
+	of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
 function clear_shipping_tax_group() {
 	  $sql = "UPDATE ".TB_PREF."tax_groups SET tax_shipping=0 WHERE 1";
 	  db_query($sql, "could not update tax_shipping fields");	  
@@ -12,7 +21,7 @@ function add_tax_group($name, $tax_shipping, $taxes, $rates)
 	if($tax_shipping) 	// only one tax group for shipping
 	  clear_shipping_tax_group();
 		
-	$sql = "INSERT INTO ".TB_PREF."tax_groups (name, tax_shipping) VALUES ('$name', $tax_shipping)";
+	$sql = "INSERT INTO ".TB_PREF."tax_groups (name, tax_shipping) VALUES (".db_escape($name).", $tax_shipping)";
 	db_query($sql, "could not add tax group");
 	
 	$id = db_insert_id();
@@ -29,7 +38,7 @@ function update_tax_group($id, $name, $tax_shipping, $taxes, $rates)
 	if($tax_shipping) 	// only one tax group for shipping
 	  clear_shipping_tax_group();
 	
-    $sql = "UPDATE ".TB_PREF."tax_groups SET name='$name',tax_shipping=$tax_shipping WHERE id=$id";
+    $sql = "UPDATE ".TB_PREF."tax_groups SET name=".db_escape($name).",tax_shipping=$tax_shipping WHERE id=$id";
 	db_query($sql, "could not update tax group");
 	
 	delete_tax_group_items($id);
@@ -38,9 +47,10 @@ function update_tax_group($id, $name, $tax_shipping, $taxes, $rates)
 	commit_transaction();			
 }
 
-function get_all_tax_groups()
+function get_all_tax_groups($all=false)
 {
 	$sql = "SELECT * FROM ".TB_PREF."tax_groups";
+	if (!$all) $sql .= " WHERE !inactive";
 	
 	return db_query($sql, "could not get all tax group");
 }