projects / fa-stable.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Moving 2.0 development version to main trunk.
[fa-stable.git] / sales / includes / db / credit_status_db.inc
diff --git a/sales/includes/db/credit_status_db.inc b/sales/includes/db/credit_status_db.inc
index 4bf0bdd96bdedff43f847d1c854b9e63516c05c8..0bcabe7071ce823399d5d54015f8134f9aa38204 100644 (file)
--- a/sales/includes/db/credit_status_db.inc
+++ b/sales/includes/db/credit_status_db.inc
@@ -3,14 +3,14 @@
 function add_credit_status($description, $disallow_invoicing)
 {
        $sql = "INSERT INTO ".TB_PREF."credit_status (reason_description, dissallow_invoices) 
-               VALUES ('$description',$disallow_invoicing)";
+               VALUES (".db_escape($description).",$disallow_invoicing)";
                
        db_query($sql, "could not add credit status");          
 }
 
 function update_credit_status($status_id, $description, $disallow_invoicing)
 {
-       $sql = "UPDATE ".TB_PREF."credit_status SET reason_description='$description',
+       $sql = "UPDATE ".TB_PREF."credit_status SET reason_description=".db_escape($description).",
                dissallow_invoices=$disallow_invoicing WHERE id=$status_id";
        
        db_query($sql, "could not update credit status");                       
FrontAccounting stable branch