diff -r dab0e9deeb67 -r ce1c4d5e1576 delete_user.php
--- a/delete_user.php	Thu Jan 03 23:04:46 2008 +0000
+++ b/delete_user.php	Sat Jan 05 16:25:49 2008 +0000
@@ -102,7 +102,7 @@
         }
         
         $message = _('You are going to delete this user, are you sure?');
-        if(($numrows = $db->queryOne("select count(id) from zones where owner=$id")) != 0)
+        if(($numrows = $db->queryOne("SELECT count(id) FROM zones WHERE owner=".$db->quote($id))) != 0)
         {
         	$message .= " " . _('This user has access to ') . $numrows . _(' zones, by deleting him you will also delete these zones.');
         }