From: <tim...@us...> - 2010-09-28 19:13:33
Revision: 3825 http://web-erp.svn.sourceforge.net/web-erp/?rev=3825&view=rev
Author: tim_schofield
Date: 2010-09-28 19:13:27 +0000 (Tue, 28 Sep 2010)
Log Message:
-----------
SQL quoting corrections and layout changes and improvements
Modified Paths:
--------------
trunk/UnitsOfMeasure.php trunk/doc/Change.log.html
Modified: trunk/UnitsOfMeasure.php
===================================================================
--- trunk/UnitsOfMeasure.php 2010-09-28 19:00:36 UTC (rev 3824)
+++ trunk/UnitsOfMeasure.php 2010-09-28 19:13:27 UTC (rev 3825)
@@ -8,6 +8,8 @@
 $title = _('Units Of Measure'); include('includes/header.inc');
+echo '<p class="page_title_text"><img src="' . $rootpath . '/css/' . $theme . '/images/magnifier.png" title="' .
+ _('Top Sales Order Search') . '" alt="">' . ' ' . $title . '</p>';
 if ( isset($_GET['SelectedMeasureID']) ) $SelectedMeasureID = $_GET['SelectedMeasureID'];
@@ -39,7 +41,7 @@
 /*SelectedMeasureID could also exist if submit had not been clicked this code would not run in this case cos submit is false of course see the delete code below*/
 // Check the name does not clash
 $sql = "SELECT count(*) FROM unitsofmeasure
- WHERE unitid <> " . $SelectedMeasureID ."
+ WHERE unitid <> '" . $SelectedMeasureID ."'
 AND unitname ".LIKE." '" . $_POST['MeasureName'] . "'";
 $result = DB_query($sql,$db);
 $myrow = DB_fetch_row($result);
@@ -51,7 +53,7 @@
 // idealy this is one of those sets that should be in a stored procedure simce even the checks are
 // relavant
 $sql = "SELECT unitname FROM unitsofmeasure
- WHERE unitid = " . $SelectedMeasureID;
+ WHERE unitid = '" . $SelectedMeasureID . "'";
 $result = DB_query($sql,$db);
 if ( DB_num_rows($result) != 0 ) {
 // This is probably the safest way there is
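Review bot: The `title` attribute on the added `<img>` is `_('Top Sales Order Search')`, which does not describe the Units Of Measure page and looks carried over from another script. Consider `title="' . _('Units Of Measure') . '"`, or reuse `$title`, which the same statement already prints. `$rootpath` and `$theme` are defined outside this hunk; if either can be influenced per user or per request, wrap them in `htmlspecialchars()` before writing them into the `src` attribute.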
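Review bot: Wrapping `$SelectedMeasureID` in single quotes in `WHERE unitid <> '...'` does not make the value safe, because the first hunk's context shows it is copied straight from `$_GET['SelectedMeasureID']`, so a quote character in the request still closes the literal and changes the statement. Unless request data is escaped centrally in an include this diff does not show, normalise the id once where it is read, e.g. `$SelectedMeasureID = (int) $_GET['SelectedMeasureID'];`, given that the old unquoted comparison suggests `unitid` is numeric. The same applies to the quoted comparisons in the hunks at -51, -124 and -221. `$_POST['MeasureName']`, concatenated into the `LIKE` clause on the following context line, needs the database layer's string escaping or a parameterised query.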
@@ -124,7 +126,7 @@
 // PREVENT DELETES IF DEPENDENT RECORDS IN 'stockmaster'
 // Get the original name of the unit of measure the ID is just a secure way to find the unit of measure
 $sql = "SELECT unitname FROM unitsofmeasure
- WHERE unitid = " . $SelectedMeasureID;
+ WHERE unitid = '" . $SelectedMeasureID . "'";
 $result = DB_query($sql,$db);
 if ( DB_num_rows($result) == 0 ) {
 // This is probably the safest way there is
@@ -179,7 +181,7 @@
 $ErrMsg = _('Could not get unit of measures because'); $result = DB_query($sql,$db,$ErrMsg);
- echo "<table>
+ echo "<table class=selection>
 <tr> <th>" . _('Units of Measure') . "</th> </tr>";
@@ -221,7 +223,7 @@
 $sql = "SELECT unitid, unitname FROM unitsofmeasure
- WHERE unitid=" . $SelectedMeasureID;
+ WHERE unitid='" . $SelectedMeasureID . "'";
 $result = DB_query($sql, $db); if ( DB_num_rows($result) == 0 ) {
Modified: trunk/doc/Change.log.html
===================================================================
--- trunk/doc/Change.log.html 2010-09-28 19:00:36 UTC (rev 3824)
+++ trunk/doc/Change.log.html 2010-09-28 19:13:27 UTC (rev 3825)
@@ -1,5 +1,6 @@
 <p><font SIZE=4 COLOR=BLUE><b>webERP Change Log</b></font></p>
 <p></p>
+<p>28/09/10 Tim: UnitsOfMeasure.php - SQL quoting corrections and layout changes and improvements</p>
 <p>28/09/10 Tim: TopItems.php - SQL quoting corrections and layout changes and improvements</p>
 <p>28/09/10 Tim: TaxProvinces.php - SQL quoting corrections and layout changes and improvements</p>
 <p>28/09/10 Tim: TaxGroups.php - SQL quoting corrections and layout changes and improvements</p>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |