if ( $cgi->param('dcontext') =~ /^\s*(.+)\s*$/ ) {
my $dcontext = $1;
$hashref->{'dcontext'} = $dcontext;
- push @search, "dcontext = '$dcontext'";
+ push @search, 'dcontext = '. dbh->quote($dcontext);
}
if ( $cgi->param('charged_party') ) {
push @qsearch, $search;
}
+if ( $cgi->param('lastapp') =~ /^\s*(.+)\s*$/ ) {
+ my $lastapp = $1;
+ $hashref->{'lastapp'} = $lastapp;
+ push @search, 'lastapp = '. dbh->quote($lastapp);
+}
+
if ( $cgi->param('svcnum') =~ /^([\d, ]+)$/ ) {
my $svcnum = $1;
my $search = "svcnum IN ($svcnum)";