X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=manufacturing%2Finquiry%2Fwhere_used_inquiry.php;fp=manufacturing%2Finquiry%2Fwhere_used_inquiry.php;h=c10dc2a7aa039af1ce06f44a5c493a7f69dcfe7e;hb=8ea6c4dd0d9b31b3456d012b0c94339b801bee0c;hp=4ad2ebc7eb578f06d77484c4af74fbd6ccd4972a;hpb=3ff9ed87cb909f19c8fe3e7dfda5df79d0c01a6c;p=fa-stable.git
diff --git a/manufacturing/inquiry/where_used_inquiry.php b/manufacturing/inquiry/where_used_inquiry.php
index 4ad2ebc7..c10dc2a7 100644
--- a/manufacturing/inquiry/where_used_inquiry.php
+++ b/manufacturing/inquiry/where_used_inquiry.php
@@ -50,7 +50,7 @@ $sql = "SELECT
 WHERE bom.parent = parent.stock_id
 AND bom.workcentre_added = workcentre.id
 AND bom.loc_code = location.loc_code
- AND bom.component='" . $_POST['stock_id'] . "'";
+ AND bom.component=".db_escape($_POST['stock_id']);

 $cols = array(
 _("Parent Item") => array('fun'=>'select_link'),
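Review bot: The added line `AND bom.component=".db_escape($_POST['stock_id']);` no longer wraps the value in quotes, so the query is only safe and well-formed if db_escape() returns an already escaped and quoted literal. That contract is not visible in this hunk and is worth stating next to the call, e.g. `// db_escape() escapes and quotes the value; never wrap its result in quotes`. The request value is also still read straight from `$_POST` with no presence check, so unless it is guaranteed to be set earlier in the file, something like `$stock_id = isset($_POST['stock_id']) ? $_POST['stock_id'] : '';` before building `$sql` would avoid an undefined-index notice and make the empty case explicit. The `$sql` statement begins above the hunk, so its SELECT/FROM part cannot be checked from here for any other request value concatenated in the old style.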