- if ( $cgi->param('taxnum') ) {
- my $taxnum_in = join(',',
- grep /^\d+$/, $cgi->param('taxnum')
- );
- push @where, "cust_main_county.taxnum IN ($taxnum_in)"
- if $taxnum_in;
- }
-
- # report group (itemdesc)
- if ( $cgi->param('report_group') =~ /^(=|!=) (.*)$/ ) {
- my ( $group_op, $group_value ) = ( $1, $2 );
- if ( $group_op eq '=' ) {
- #push @where, 'itemdesc LIKE '. dbh->quote($group_value.'%');
- push @where, 'itemdesc = '. dbh->quote($group_value);
- } elsif ( $group_op eq '!=' ) {
- push @where, '( itemdesc != '. dbh->quote($group_value) .' OR itemdesc IS NULL )';
- } else {
- die "guru meditation #00de: group_op $group_op\n";
- }
+ if ( $cgi->param('taxnum') =~ /^([\d,]+)$/) {
+ push @where, "cust_main_county.taxnum IN ($1)";