diff options
author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-07-27 05:08:24 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-07-27 05:08:24 +0000 |
commit | 1419e92f273140c09781676445c0bb886b514bdc (patch) | |
tree | c133360bcf267022b45cf5c8ba30d5a538f3716f | |
parent | af2638ab5be5f22528243f5882ed2200c7f12d8e (diff) |
Correcting SQL Query errors for customer search, 1761615
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@1445 4979c152-3d1c-0410-bac9-87ea11338e46
-rwxr-xr-x | LedgerSMB/CT.pm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/LedgerSMB/CT.pm b/LedgerSMB/CT.pm index 54bdd556..e57af3b6 100755 --- a/LedgerSMB/CT.pm +++ b/LedgerSMB/CT.pm @@ -593,15 +593,15 @@ sub search { push @a, qw(name contact city state zipcode country notes phone email); if ( $form->{employee} ) { - $var = $form->like( lc $form->{employee} ); - $where .= " AND lower(e.name) LIKE '$var'"; + $var = $dbh->quote($form->like(lc $form->{employee})); + $where .= " AND lower(e.name) LIKE $var"; } foreach $item (@a) { if ( $form->{$item} ne "" ) { - $var = $form->like( lc $form->{$item} ); - $where .= " AND lower(ct.$item) LIKE '$var'"; + $var = $dbh->quote($form->like( lc $form->{$item}) ); + $where .= " AND lower(ct.$item) LIKE $var"; } } |