From a6828adda219bdd76fc59898eff6572ddea4aa77 Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Mon, 26 Dec 2005 13:19:00 +0000
Subject: [PATCH] Fix: gestion des apostrophes
---
 htdocs/companybankaccount.class.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/htdocs/companybankaccount.class.php b/htdocs/companybankaccount.class.php
index cd169d0dd3c..3afa09bc887 100644
--- a/htdocs/companybankaccount.class.php
+++ b/htdocs/companybankaccount.class.php
@@ -105,16 +105,16 @@ class CompanyBankAccount
 $sql = "UPDATE ".MAIN_DB_PREFIX."societe_rib SET ";
- $sql .= " bank = '" .$this->bank ."'";
+ $sql .= " bank = '" .addslashes($this->bank)."'";
 $sql .= ",code_banque='".$this->code_banque."'";
 $sql .= ",code_guichet='".$this->code_guichet."'";
 $sql .= ",number='".$this->number."'";
 $sql .= ",cle_rib='".$this->cle_rib."'";
 $sql .= ",bic='".$this->bic."'";
 $sql .= ",iban_prefix = '".$this->iban_prefix."'";
- $sql .= ",domiciliation='".$this->domiciliation."'";
- $sql .= ",proprio = '".$this->proprio."'";
- $sql .= ",adresse_proprio = '".$this->adresse_proprio."'";
+ $sql .= ",domiciliation='".addslashes($this->domiciliation)."'";
+ $sql .= ",proprio = '".addslashes($this->proprio)."'";
+ $sql .= ",adresse_proprio = '".addslashes($this->adresse_proprio)."'";
 $sql .= " WHERE fk_soc = ".$this->soc_id;
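Review bot: Six string columns in this UPDATE (`code_banque`, `code_guichet`, `number`, `cle_rib`, `bic`, `iban_prefix`) are still concatenated between quotes with no escaping, and `fk_soc` is appended unquoted. The statement therefore stays open to SQL injection if any of those properties can carry user-supplied text; where they are populated is not visible in this hunk. At minimum the WHERE clause should force a number, `$sql .= " WHERE fk_soc = ".(int) $this->soc_id;`, and the remaining string columns need the same treatment as `bank`. `addslashes()` is also not connection-aware (it ignores the connection character set and the server's quoting mode), so the database driver's own escaping routine or bound parameters would be the more reliable fix for all ten columns. The enclosing method starts and ends outside the hunk.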