X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fprint_profiles.php;h=1df47c67f512ca3a8c8c96e81a4d84c2e2c2dff6;hb=081465f30442afc4f008a1c7038bef320466a730;hp=f22c19416920932ed1fb5ef11d32a1d955c93818;hpb=4d4371fb200bb27fd6b680ebd2d1aaa450a0be7e;p=fa-stable.git

diff --git a/admin/print_profiles.php b/admin/print_profiles.php
index f22c1941..1df47c67 100644
--- a/admin/print_profiles.php
+++ b/admin/print_profiles.php
@@ -9,13 +9,13 @@
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
     See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
-$page_security = 15;
-$path_to_root="..";
+$page_security = 'SA_PRINTPROFILE';
+$path_to_root = "..";
 include($path_to_root . "/includes/session.inc");
 include($path_to_root . "/admin/db/printers_db.inc");
 include($path_to_root . "/includes/ui.inc");
 
-page(_("Printing Profiles"));
+page(_($help_context = "Printing Profiles"));
 
 $selected_id = get_post('profile_id','');
 
@@ -77,7 +77,7 @@ function check_delete($name)
 {
 // check if selected profile is used by any user
 	if ($name=='') return 0; // cannot delete system default profile
-	$sql = "SELECT * FROM ".TB_PREF."users WHERE print_profile='$name'";
+	$sql = "SELECT * FROM ".TB_PREF."users WHERE print_profile=".db_escape($name);
 	$res = db_query($sql,'cannot check printing profile usage');
 	return db_num_rows($res);
 }