From: <dai...@us...> - 2012-09-07 10:11:17
|
Revision: 5627 http://web-erp.svn.sourceforge.net/web-erp/?rev=5627&view=rev Author: daintree Date: 2012-09-07 10:11:07 +0000 (Fri, 07 Sep 2012) Log Message: ----------- sanitise SelectedStockItem Modified Paths: -------------- trunk/SelectSalesOrder.php Modified: trunk/SelectSalesOrder.php =================================================================== --- trunk/SelectSalesOrder.php 2012-09-06 09:36:49 UTC (rev 5626) +++ trunk/SelectSalesOrder.php 2012-09-07 10:11:07 UTC (rev 5627) @@ -7,6 +7,10 @@ include('includes/header.inc'); include('includes/SQL_CommonFunctions.inc'); +if (isset($_REQUEST['SelectedStockItem'])) { + $_REQUEST['SelectedStockItem'] = DB_escape_string($_REQUEST['SelectedStockItem']); +} + if (isset($_POST['PlacePO'])){ /*user hit button to place PO for selected orders */ /*Note the button would not have been displayed if the user had no authority to create purchase orders */ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
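Review bot: The added block after the includes in trunk/SelectSalesOrder.php escapes only the $_REQUEST copy of SelectedStockItem, so any later read through $_POST['SelectedStockItem'] or $_GET['SelectedStockItem'] still gets the raw value. The unchanged context directly below reads $_POST['PlacePO'], so this script does access $_POST directly. PHP fills $_REQUEST as a separate array, and assigning to one of its elements does not change $_POST or $_GET. Overwriting the request value in place also means a SQL-escaped string is what any later HTML output or second escaping call will see. Consider assigning the escaped value to a local variable that is used only when the query is built, or escaping or binding the value at the point where the SQL string is assembled, and add a comment naming the query this protects.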