From e689c81b82744e940b4425c787c2c0ee633b1b2d Mon Sep 17 00:00:00 2001
From: Andre Cianfarani <acianfa@free.fr>
Date: Sat, 11 Feb 2006 13:36:20 +0000
Subject: [PATCH] fix : correction quotes dans syntaxe sql, ca boguait selon
 les valeurs

---
 htdocs/commande/commande.class.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/htdocs/commande/commande.class.php b/htdocs/commande/commande.class.php
index 2217ec9ec31..f489c5ec992 100644
--- a/htdocs/commande/commande.class.php
+++ b/htdocs/commande/commande.class.php
@@ -872,9 +872,9 @@ class Commande
 			}
 
 			$sql = 'UPDATE '.MAIN_DB_PREFIX.'commandedet';
-			$sql.= " SET description='".addslashes($desc)."',price='$price',subprice='$subprice',";
-			$sql.= " remise=$remise,remise_percent=$remise_percent,qty=$qty,tva_tx='".$tva_tx."'";
-			$sql.= ' WHERE rowid = '.$rowid;
+			$sql.= " SET description='".addslashes($desc)."',price='".$price."',subprice='".$subprice."',";
+			$sql.= " remise='".$remise."',remise_percent='".$remise_percent."',qty='".$qty."',tva_tx='".$tva_tx."'";
+			$sql.= " WHERE rowid = '".$rowid."'";
 
 			$result=$this->db->query( $sql);
 			if ( $result )