From c6ad3c2e0f21e77a34bc95465b791d1644f5b10c Mon Sep 17 00:00:00 2001
From: activdev <activdev>
Date: Fri, 31 Mar 2006 16:59:05 +0000
Subject: [PATCH] =?UTF-8?q?Prot=E8ge=20le=20libell=E9=20du=20compte=20si?=
 =?UTF-8?q?=20il=20contient=20une=20apostrophe=20lors=20de=20la=20cr=E9ati?=
 =?UTF-8?q?on=20d'un=20nouveau=20compte=20bancaire=20et=20de=20l'insertion?=
 =?UTF-8?q?=20en=20base=20pour=20=E9viter=20une=20erreur=20MySQL?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/compta/bank/account.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/compta/bank/account.class.php b/htdocs/compta/bank/account.class.php
index 0d22e720bd7..2a70fdd4aae 100644
--- a/htdocs/compta/bank/account.class.php
+++ b/htdocs/compta/bank/account.class.php
@@ -266,7 +266,7 @@ class Account
 
         if (! $pcgnumber) $pcgnumber="51";
 
-        $sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_account (datec, label, account_number) values (now(),'$this->label','$pcgnumber');";
+        $sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_account (datec, label, account_number) values (now(),'" . addslashes($this->label) . "','$pcgnumber');";
         $resql=$this->db->query($sql);
         if ($resql)
         {