diff options
Diffstat (limited to 'LedgerSMB/OE.pm')
-rwxr-xr-x | LedgerSMB/OE.pm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/LedgerSMB/OE.pm b/LedgerSMB/OE.pm index af81da1c..015d404c 100755 --- a/LedgerSMB/OE.pm +++ b/LedgerSMB/OE.pm @@ -197,10 +197,10 @@ sub transactions { } if ( $form->{description} ne "" ) { - $var = $form->like( lc $form->{description} ); + $var = $dbh->quote($form->like( lc $form->{description} )); $query .= " AND o.id IN (SELECT DISTINCT trans_id FROM orderitems - WHERE lower(description) LIKE '$var')"; + WHERE lower(description) LIKE $var)"; push @queryargs, $var; } @@ -1992,12 +1992,12 @@ sub get_inventory { if ( $form->{partnumber} ne "" ) { $var = $dbh->quote( $form->like( lc $form->{partnumber} ) ); $where .= " - AND lower(p.partnumber) LIKE '$var'"; + AND lower(p.partnumber) LIKE $var"; } if ( $form->{description} ne "" ) { $var = $dbh->quote( $form->like( lc $form->{description} ) ); $where .= " - AND lower(p.description) LIKE '$var'"; + AND lower(p.description) LIKE $var"; } if ( $form->{partsgroup} ne "" ) { ( $null, $var ) = split /--/, $form->{partsgroup}; |