Moved all SQL statements from PHP files into relevant *_db.inc files.

[fa-stable.git] / admin / print_profiles.php

diff --git a/admin/print_profiles.php b/admin/print_profiles.php
index 99ef82e1d5144c6e1e9645f616751c8974708177..5b387534800efcf551e00e0e15f6d34872f7ba5a 100644 (file)
--- a/admin/print_profiles.php
+++ b/admin/print_profiles.php
@@ -15,7 +15,7 @@ include($path_to_root . "/includes/session.inc");
 include($path_to_root . "/admin/db/printers_db.inc");
 include($path_to_root . "/includes/ui.inc");
 
-page(_("Printing Profiles"));
+page(_($help_context = "Printing Profiles"));
 
 $selected_id = get_post('profile_id','');
 
@@ -77,7 +77,7 @@ function check_delete($name)
 {
 // check if selected profile is used by any user
        if ($name=='') return 0; // cannot delete system default profile
-       $sql = "SELECT * FROM ".TB_PREF."users WHERE print_profile='$name'";
+       $sql = "SELECT * FROM ".TB_PREF."users WHERE print_profile=".db_escape($name);
        $res = db_query($sql,'cannot check printing profile usage');
        return db_num_rows($res);
 }
@@ -160,7 +160,7 @@ foreach(get_reports() as $rep => $descr)
     label_cell($descr == '' ? '???<sup>1)</sup>' : _($descr));
        $_POST['Prn'.$rep] = isset($prints[$rep]) ? $prints[$rep] : '';
     echo '<td>';
-       printers_list('Prn'.$rep, null, 
+       echo printers_list('Prn'.$rep, null, 
                $rep == '' ? _('Browser support') : _('Default'));
        echo '</td>';
        if ($descr == '') $unkn = 1;