From 37ffac0689efddfd680fcc56e7f63f6c4402235e Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Tue, 1 Dec 2009 08:12:26 +0000
Subject: [PATCH] Fix: missing addslashes

---
 htdocs/adherents/cotisation.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/adherents/cotisation.class.php b/htdocs/adherents/cotisation.class.php
index 5f1678ebf00..43de79f9b6d 100644
--- a/htdocs/adherents/cotisation.class.php
+++ b/htdocs/adherents/cotisation.class.php
@@ -76,7 +76,7 @@ class Cotisation extends CommonObject
         $sql.= " VALUES (".$this->fk_adherent.", ".$this->db->idate(mktime()).",";
 		$sql.= " ".$this->db->idate($this->dateh).",";
 		$sql.= " ".$this->db->idate($this->datef).",";
-		$sql.= " ".$this->amount.",'".$this->note."')";
+		$sql.= " ".$this->amount.",'".addslashes($this->note)."')";
 
 		dol_syslog("Cotisation::create sql=".$sql);
 		$resql = $this->db->query($sql);
-- 
GitLab