diff options
| -rwxr-xr-x | LedgerSMB/Form.pm | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm index 8af13b55..6f504894 100755 --- a/LedgerSMB/Form.pm +++ b/LedgerSMB/Form.pm @@ -1672,11 +1672,13 @@ sub update_balance { # if we have a value, go do it if ($value) { + $table = $dbh->quote_identifier($table); + $field = $dbh->quote_identifier($field); # retrieve balance from table my $query = "SELECT $field FROM $table WHERE $where FOR UPDATE"; my ($balance) = $dbh->selectrow_array($query); - $balance += $value; + $balance = $dbh->quote($balance + $value); # update balance $query = "UPDATE $table SET $field = $balance WHERE $where"; |