X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=manufacturing%2Fmanage%2Fwork_centres.php;h=716bb81886eca35c3be3eada781fc19618b9e2de;hb=6989100b74130784a524b1f941b3ae73f30f663a;hp=4ae7e90f945fce6b7faa3c26207282f8862351f7;hpb=902f1015d874c33bd7946b17de2ad80b4f2144b6;p=fa-stable.git

diff --git a/manufacturing/manage/work_centres.php b/manufacturing/manage/work_centres.php
index 4ae7e90f..716bb818 100644
--- a/manufacturing/manage/work_centres.php
+++ b/manufacturing/manage/work_centres.php
@@ -56,7 +56,7 @@ if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM')
 
 function can_delete($selected_id)
 {
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."bom WHERE workcentre_added='$selected_id'";	
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."bom WHERE workcentre_added=".db_escape($selected_id);
 	$result = db_query($sql, "check can delete work centre");
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0) 
@@ -65,7 +65,7 @@ function can_delete($selected_id)
 		return false;
 	}
 	
-	$sql= "SELECT COUNT(*) FROM ".TB_PREF."wo_requirements WHERE workcentre='$selected_id'";
+	$sql= "SELECT COUNT(*) FROM ".TB_PREF."wo_requirements WHERE workcentre=".db_escape($selected_id);
 	$result = db_query($sql, "check can delete work centre");
 	$myrow = db_fetch_row($result);
 	if ($myrow[0] > 0)