[Weberp-cvs] SF.net SVN: web-erp:[3720] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 3720
          http://web-erp.svn.sourceforge.net/web-erp/?rev=3720&view=rev
Author:   tim_schofield
Date:     2010-09-08 21:32:24 +0000 (Wed, 08 Sep 2010)

Log Message:
-----------
Correct the sql quoting

Modified Paths:
--------------
    trunk/PDFStockTransfer.php
    trunk/doc/Change.log.html

Modified: trunk/PDFStockTransfer.php
===================================================================

--- trunk/PDFStockTransfer.php	2010-09-08 21:28:59 UTC (rev 3719)
+++ trunk/PDFStockTransfer.php	2010-09-08 21:32:24 UTC (rev 3720)
@@ -18,7 +18,7 @@
 
 /*Print out the category totals */
 
-$sql='SELECT stockid, transno, loccode, trandate, qty from stockmoves where transno='.$_GET['TransferNo'].' and type=16';
+$sql="SELECT stockid, transno, loccode, trandate, qty from stockmoves where transno='".$_GET['TransferNo']."' and type=16";
 $result=DB_query($sql, $db);
 $myrow=DB_fetch_array($result);
 $StockID=$myrow[0];
@@ -29,10 +29,10 @@
 $ToCode=$myrow[2];
 $Quantity=$myrow[4];
 
-$sql='select description from stockmaster where stockid="'.$StockID.'"';
+$sql="select description from stockmaster where stockid='".$StockID."'";
 $result=DB_query($sql, $db);
 
-If (DB_num_rows($result) == 0){
+if (DB_num_rows($result) == 0){
 	include ('includes/header.inc');
 	prnMsg(_('There are no decription for '.$StockID), 'warn');
 	include ('includes/footer.inc');
@@ -42,10 +42,10 @@
 $myrow=DB_fetch_array($result);
 $Description=$myrow[0];
 
-$sql='select locationname from locations where loccode="'.$FromCode.'"';
+$sql="select locationname from locations where loccode='".$FromCode."'";
 $result=DB_query($sql, $db);
 
-If (DB_num_rows($result) == 0){
+if (DB_num_rows($result) == 0){
 	include ('includes/header.inc');
 	prnMsg(_('There are no location From for '.$StockID), 'warn');
 	include ('includes/footer.inc');
@@ -55,10 +55,10 @@
 $myrow=DB_fetch_array($result);
 $From=$myrow[0];
 
-$sql='select locationname from locations where loccode="'.$ToCode.'"';
+$sql="select locationname from locations where loccode='".$ToCode."'";
 $result=DB_query($sql, $db);
 
-If (DB_num_rows($result) == 0){
+if (DB_num_rows($result) == 0){
 	include ('includes/header.inc');
 	prnMsg(_('There are no location To for '.$StockID), 'warn');
 	include ('includes/footer.inc');

Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html	2010-09-08 21:28:59 UTC (rev 3719)
+++ trunk/doc/Change.log.html	2010-09-08 21:32:24 UTC (rev 3720)
@@ -1,5 +1,6 @@
 <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
 <p></p>
+<p>08/09/10 Tim: PDFStockTransfer.php - Correct the sql quoting</p>
 <p>08/09/10 Tim: PDFStockNegatives.php - Fix missing sql error message and correct the default date format in the heading</p>
 <p>08/09/10 Tim: PDFStockCheckComparison.php - Screen layout improvements. Correct the sql quoting</p>
 <p>07/09/10 Tim: PDFRemittanceAdvice.php - Correct the sql quoting</p>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.




[Weberp-cvs] SF.net SVN: web-erp:[3720] trunk

Accounting & Best Practice Business Administration System

[Weberp-cvs] SF.net SVN: web-erp:[3720] trunk