From: <tim...@us...> - 2010-09-07 21:31:07
Revision: 3714 http://web-erp.svn.sourceforge.net/web-erp/?rev=3714&view=rev Author: tim_schofield Date: 2010-09-07 21:31:01 +0000 (Tue, 07 Sep 2010) Log Message: ----------- Correct the sql quoting Modified Paths: -------------- trunk/PDFReceipt.php trunk/doc/Change.log.html Modified: trunk/PDFReceipt.php =================================================================== --- trunk/PDFReceipt.php 2010-09-07 21:28:26 UTC (rev 3713) +++ trunk/PDFReceipt.php 2010-09-07 21:31:01 UTC (rev 3714) 
@@ -47,45 +47,45 @@ $PageNumber++; -$sql='SELECT MIN(id) as start FROM debtortrans WHERE type=12 AND transno='.$_GET['BatchNumber']; +$sql="SELECT MIN(id) as start FROM debtortrans WHERE type=12 AND transno='".$_GET['BatchNumber']. "'"; $result=DB_query($sql, $db); $myrow=DB_fetch_array($result); $StartReceiptNumber=$myrow['start']; -$sql='SELECT debtorno, - ovamount, - invtext - FROM debtortrans +$sql="SELECT debtorno, + ovamount, + invtext + FROM debtortrans WHERE type=12 - AND transno='.$_GET['BatchNumber'].' - AND id='.($StartReceiptNumber-1+$_GET['ReceiptNumber']); + AND transno='".$_GET['BatchNumber']."' + AND id='".($StartReceiptNumber-1+$_GET['ReceiptNumber']) ."'"; $result=DB_query($sql, $db); $myrow=DB_fetch_array($result); $DebtorNo=$myrow['debtorno']; $Amount=$myrow['ovamount']; $Narrative=$myrow['invtext']; -$sql='SELECT currency, +$sql="SELECT currency, decimalplaces - FROM currencies + FROM currencies WHERE currabrev=(SELECT currcode FROM banktrans WHERE type=12 - AND transno='.$_GET['BatchNumber'].')'; + AND transno='".$_GET['BatchNumber']."')"; $result=DB_query($sql, $db); $myrow=DB_fetch_array($result); $Currency=$myrow['currency']; $DecimalPlaces=$myrow['decimalplaces']; -$sql='SELECT name, +$sql="SELECT name, address1, address2, address3, address4, address5, address6 - FROM debtorsmaster - WHERE debtorno="'.$DebtorNo.'"'; + FROM debtorsmaster + WHERE debtorno='".$DebtorNo."'"; $result=DB_query($sql, $db); $myrow=DB_fetch_array($result); Modified: trunk/doc/Change.log.html =================================================================== --- trunk/doc/Change.log.html 2010-09-07 21:28:26 UTC (rev 3713) +++ trunk/doc/Change.log.html 2010-09-07 21:31:01 UTC (rev 3714) 
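Review bot: `$_GET['BatchNumber']` is still concatenated directly into all three queries that filter on `transno`. The added single quotes make the literal well-formed, but they do not neutralise a value that itself contains a quote, so unless request parameters are sanitised somewhere outside this hunk the statements remain open to SQL injection. Since `transno` is compared as a number, cast once before the first query, `$BatchNumber=(int)$_GET['BatchNumber'];`, and use `$BatchNumber` in the three `transno=` clauses. `$DebtorNo` is read back from `debtortrans` and concatenated into the `debtorsmaster` query, so it should pass through the database layer's escaping function before use. Each `DB_fetch_array()` result is also used without checking that a row came back, so an unknown batch number silently produces empty values instead of an error.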
@@ -1,5 +1,6 @@ <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p> <p></p> +<p>07/09/10 Tim: PDFReceipt.php - Correct the sql quoting</p> <p>07/09/10 Tim: PDFQuotation.php - Correct the sql quoting</p> <p>07/09/10 Tim: PDFPickingList.php - Correct the sql quoting</p> <p>07/09/10 Tim: PDFOrderStatus.php - Improve report layout for readability</p> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |