Security update merged from 2.1.

[fa-stable.git] / admin / printers.php

diff --git a/admin/printers.php b/admin/printers.php
index 8104f1729beffb9a2a146bf8cabd56fd3c70e97e..4c8ad144021e4b670a474469454ec81739dadcef 100644 (file)
--- a/admin/printers.php
+++ b/admin/printers.php
@@ -59,7 +59,7 @@ if ($Mode == 'Delete')
 {
        // PREVENT DELETES IF DEPENDENT RECORDS IN print_profiles
 
-       $sql= "SELECT COUNT(*) FROM ".TB_PREF."print_profiles WHERE printer = '$selected_id'";
+       $sql= "SELECT COUNT(*) FROM ".TB_PREF."print_profiles WHERE printer = ".db_escape($selected_id);
        $result = db_query($sql,"check printers relations failed");
        $myrow = db_fetch_row($result);
        if ($myrow[0] > 0) 
@@ -68,7 +68,7 @@ if ($Mode == 'Delete')
        } 
        else 
        {
-                       $sql="DELETE FROM ".TB_PREF."printers WHERE id='$selected_id'";
+                       $sql="DELETE FROM ".TB_PREF."printers WHERE id=".db_escape($selected_id);
                        db_query($sql,"could not delete printer definition");
                        display_notification(_('Selected printer definition has been deleted'));
        }