diff options
author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-07-27 05:29:00 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-07-27 05:29:00 +0000 |
commit | 1e85fc89e1a41d52f3f4bc1df032e85b06c2516d (patch) | |
tree | e6273a8dccbd1e553566023a0a23d6a1844c967c /LedgerSMB/OE.pm | |
parent | 1419e92f273140c09781676445c0bb886b514bdc (diff) |
Fixing a large number of SQL errors in certain circumstances
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@1447 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'LedgerSMB/OE.pm')
-rwxr-xr-x | LedgerSMB/OE.pm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/LedgerSMB/OE.pm b/LedgerSMB/OE.pm index af81da1c..015d404c 100755 --- a/LedgerSMB/OE.pm +++ b/LedgerSMB/OE.pm @@ -197,10 +197,10 @@ sub transactions { } if ( $form->{description} ne "" ) { - $var = $form->like( lc $form->{description} ); + $var = $dbh->quote($form->like( lc $form->{description} )); $query .= " AND o.id IN (SELECT DISTINCT trans_id FROM orderitems - WHERE lower(description) LIKE '$var')"; + WHERE lower(description) LIKE $var)"; push @queryargs, $var; } @@ -1992,12 +1992,12 @@ sub get_inventory { if ( $form->{partnumber} ne "" ) { $var = $dbh->quote( $form->like( lc $form->{partnumber} ) ); $where .= " - AND lower(p.partnumber) LIKE '$var'"; + AND lower(p.partnumber) LIKE $var"; } if ( $form->{description} ne "" ) { $var = $dbh->quote( $form->like( lc $form->{description} ) ); $where .= " - AND lower(p.description) LIKE '$var'"; + AND lower(p.description) LIKE $var"; } if ( $form->{partsgroup} ne "" ) { ( $null, $var ) = split /--/, $form->{partsgroup}; |