Replace the remaining php files with nullable_htmlentites()

2026-02-28 19:04:52 +00:00 · 2023-05-11 18:27:48 -04:00
parent ccf0d3ab77
commit 37fb696e63
152 changed files with 1085 additions and 1085 deletions
--- a/expense_edit_modal.php
+++ b/expense_edit_modal.php
@@ -49,7 +49,7 @@
                                    $sql_accounts = mysqli_query($mysqli, "SELECT account_id, account_name, opening_balance FROM accounts WHERE (account_archived_at > '$expense_created_at' OR account_archived_at IS NULL) ORDER BY account_name ASC");
                                    while ($row = mysqli_fetch_array($sql_accounts)) {
                                        $account_id_select = intval($row['account_id']);
-                                        $account_name_select = htmlentities($row['account_name']);
+                                        $account_name_select = nullable_htmlentities($row['account_name']);
                                        $opening_balance = floatval($row['opening_balance']);

                                        $sql_payments = mysqli_query($mysqli, "SELECT SUM(payment_amount) AS total_payments FROM payments WHERE payment_account_id = $account_id_select");
@@ -88,7 +88,7 @@
                                    $sql_select = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = 0 AND vendor_template = 0 AND (vendor_archived_at > '$expense_created_at' OR vendor_archived_at IS NULL) ORDER BY vendor_name ASC");
                                    while ($row = mysqli_fetch_array($sql_select)) {
                                        $vendor_id_select = intval($row['vendor_id']);
-                                        $vendor_name_select = htmlentities($row['vendor_name']);
+                                        $vendor_name_select = nullable_htmlentities($row['vendor_name']);
                                        ?>
                                        <option <?php if ($expense_vendor_id == $vendor_id_select) { ?> selected <?php } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
                                        <?php
@@ -133,7 +133,7 @@
                                    $sql_select = mysqli_query($mysqli, "SELECT category_id, category_name FROM categories WHERE category_type = 'Expense' AND (category_archived_at > '$expense_created_at' OR category_archived_at IS NULL) ORDER BY category_name ASC");
                                    while ($row = mysqli_fetch_array($sql_select)) {
                                        $category_id_select = intval($row['category_id']);
-                                        $category_name_select = htmlentities($row['category_name']);
+                                        $category_name_select = nullable_htmlentities($row['category_name']);
                                        ?>
                                        <option <?php if ($expense_category_id == $category_id_select) { ?> selected <?php } ?> value="<?php echo $category_id_select; ?>"><?php echo $category_name_select; ?></option>
                                        <?php
@@ -164,7 +164,7 @@
                                        $sql_clients = mysqli_query($mysqli, "SELECT client_id, client_name FROM clients ORDER BY client_name ASC");
                                        while ($row = mysqli_fetch_array($sql_clients)) {
                                            $client_id_select = intval($row['client_id']);
-                                            $client_name_select = htmlentities($row['client_name']);
+                                            $client_name_select = nullable_htmlentities($row['client_name']);
                                            ?>
                                            <option <?php if ($expense_client_id == $client_id_select) { echo "selected"; } ?> value="<?php echo $client_id_select; ?>"><?php echo $client_name_select; ?></option>