X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=inventory%2Fmanage%2Fmovement_types.php;h=60b8e83e30ce52fcb6ac91659a4b68d18fefaf3d;hb=af78fbb535a6fedbc2eb70a26ddc39739be2b986;hp=5f75844fca8e536ddde2d7f5ce7aae2a6a8573ed;hpb=80dd97a37f674cc3691fa04af4c29607067566b2;p=fa-stable.git

diff --git a/inventory/manage/movement_types.php b/inventory/manage/movement_types.php
index 5f75844f..60b8e83e 100644
--- a/inventory/manage/movement_types.php
+++ b/inventory/manage/movement_types.php
@@ -57,7 +57,8 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM')
 function can_delete($selected_id)
 {
 	$sql= "SELECT COUNT(*) FROM ".TB_PREF."stock_moves 
-		WHERE type=" . ST_INVADJUST. " AND person_id=$selected_id";
+		WHERE type=" . ST_INVADJUST. " AND person_id=".db_escape($selected_id);
+
 	$result = db_query($sql, "could not query stock moves");
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0)