From: Janusz Dobrowolski <janusz@frontaccouting.eu>
Date: Sun, 28 Aug 2011 07:50:35 +0000 (+0200)
Subject: Cleanup in add_supplier().
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=3fa9024c9137b76d468c88132d44109d907ffc3d;p=textcart.git

Cleanup in add_supplier().
---

diff --git a/purchasing/includes/db/suppliers_db.inc b/purchasing/includes/db/suppliers_db.inc
index 57256d4..de49a88 100644
--- a/purchasing/includes/db/suppliers_db.inc
+++ b/purchasing/includes/db/suppliers_db.inc
@@ -19,7 +19,7 @@ function add_supplier($supp_name, $supp_ref, $address, $supp_address, $gst_no,
 		supp_account_no, bank_account, credit_limit, dimension_id, dimension2_id, curr_code,
 		payment_terms, payable_account, purchase_account, payment_discount_account, notes, 
 		tax_group_id, tax_included)
-		VALUES (".db_escape($_POST['supp_name']). ", "
+		VALUES (".db_escape($supp_name). ", "
 		.db_escape($supp_ref). ", "
 		.db_escape($address) . ", "
 		.db_escape($supp_address) . ", "
@@ -27,7 +27,7 @@ function add_supplier($supp_name, $supp_ref, $address, $supp_address, $gst_no,
 		.db_escape($website). ", "
 		.db_escape($supp_account_no). ", "
 		.db_escape($bank_account). ", "
-		.$credit_limit. ", "
+		.db_escape($credit_limit). ", "
 		.db_escape($dimension_id). ", "
 		.db_escape($dimension2_id). ", "
 		.db_escape($curr_code). ", "