From 8dc2fc70d8ed33e802367fb9b7ac037fb77357d9 Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski <janusz@frontaccouting.eu>
Date: Sun, 28 Aug 2011 09:50:35 +0200
Subject: [PATCH] Cleanup in add_supplier().

---
 purchasing/includes/db/suppliers_db.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/purchasing/includes/db/suppliers_db.inc b/purchasing/includes/db/suppliers_db.inc
index 57256d4c..de49a882 100644
--- a/purchasing/includes/db/suppliers_db.inc
+++ b/purchasing/includes/db/suppliers_db.inc
@@ -19,7 +19,7 @@ function add_supplier($supp_name, $supp_ref, $address, $supp_address, $gst_no,
 		supp_account_no, bank_account, credit_limit, dimension_id, dimension2_id, curr_code,
 		payment_terms, payable_account, purchase_account, payment_discount_account, notes, 
 		tax_group_id, tax_included)
-		VALUES (".db_escape($_POST['supp_name']). ", "
+		VALUES (".db_escape($supp_name). ", "
 		.db_escape($supp_ref). ", "
 		.db_escape($address) . ", "
 		.db_escape($supp_address) . ", "
@@ -27,7 +27,7 @@ function add_supplier($supp_name, $supp_ref, $address, $supp_address, $gst_no,
 		.db_escape($website). ", "
 		.db_escape($supp_account_no). ", "
 		.db_escape($bank_account). ", "
-		.$credit_limit. ", "
+		.db_escape($credit_limit). ", "
 		.db_escape($dimension_id). ", "
 		.db_escape($dimension2_id). ", "
 		.db_escape($curr_code). ", "
-- 
2.30.2