diff --git a/application/controllers/Qslprint.php b/application/controllers/Qslprint.php
index ed65a94c..bb65ba2d 100644
--- a/application/controllers/Qslprint.php
+++ b/application/controllers/Qslprint.php
@@ -28,7 +28,7 @@ class QSLPrint extends CI_Controller {
 			redirect('user/login');
 		}
 		$this->load->model('stations');
-		$data['station_profile'] = $this->stations->all();
+		$data['station_profile'] = $this->stations->all_of_user();
 
 		$this->load->model('qslprint_model');
 		$data['qsos'] = $this->qslprint_model->get_qsos_for_print();
diff --git a/application/models/Adif_data.php b/application/models/Adif_data.php
index 4449a671..a0742ada 100644
--- a/application/models/Adif_data.php
+++ b/application/models/Adif_data.php
@@ -24,6 +24,8 @@ class adif_data extends CI_Model {
 		}
 
         $this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
+        // always filter user. this ensures that even if the station_id is from another user no inaccesible QSOs will be returned
+        $this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
         $this->db->where_in('COL_QSL_SENT', array('R', 'Q'));
         $this->db->order_by("COL_TIME_ON", "ASC");
         $query = $this->db->get($this->config->item('table_name'));
diff --git a/application/models/Logbook_model.php b/application/models/Logbook_model.php
index 5de834b6..8f4e01b5 100755
--- a/application/models/Logbook_model.php
+++ b/application/models/Logbook_model.php
@@ -852,6 +852,9 @@ class Logbook_model extends CI_Model {
 		$sql .= ' and thcv.station_id = ' . $station_id2;
 	}
 
+	// always filter user. this ensures that even if the station_id is from another user no inaccesible QSOs will be returned
+	$sql .= ' and station_profile.user_id = ' . $this->session->userdata('user_id');
+
 	$sql .= ' ORDER BY ADIF, COL_ROUTING';
 
     $query = $this->db->query($sql);
diff --git a/application/models/Qslprint_model.php b/application/models/Qslprint_model.php
index 321eeb0c..4e5ea0df 100644
--- a/application/models/Qslprint_model.php
+++ b/application/models/Qslprint_model.php
@@ -8,19 +8,33 @@ class Qslprint_model extends CI_Model {
 		$station_id = $CI->Stations->find_active();
 
 		$data = array(
-	        'COL_QSLSDATE' => date('Y-m-d'),
-	        'COL_QSL_SENT' => "Y",
-	        'COL_QSL_SENT_VIA' => "B",
+			'COL_QSLSDATE' => date('Y-m-d'),
+			'COL_QSL_SENT' => "Y",
+			'COL_QSL_SENT_VIA' => "B",
 		);
 
-		$this->db->where_in("COL_QSL_SENT", array("R","Q"));
-
 		if ($station_id2 == NULL) {
 			$this->db->where("station_id", $station_id);
+		} else if ($station_id2 == 'All') {
+			// get all stations of user
+			$stations = $CI->Stations->all_of_user();
+			$station_ids = array();
+			foreach ($stations->result() as $row) {
+				array_push($station_ids, $row->station_id);
+			}
+
+			// filter by all stations
+			$this->db->where_in("station_id", $station_ids);
 		} else if ($station_id2 != 'All') {
+			// be sure that station belongs to user
+			if (!$CI->Stations->check_station_is_accessible($station_id2)) {
+				return;
+			}
 			$this->db->where("station_id", $station_id2);
 		}
 
+		$this->db->where_in("COL_QSL_SENT", array("R","Q"));
+
 		$this->db->update($this->config->item('table_name'), $data);
 	}
 
@@ -35,6 +49,8 @@ class Qslprint_model extends CI_Model {
 		}
 
 		$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
+		// always filter user. this ensures that even if the station_id is from another user no inaccesible QSOs will be returned
+		$this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
 		$this->db->where_in('COL_QSL_SENT', array('R', 'Q'));
 		$this->db->order_by("COL_TIME_ON", "ASC");
 		$query = $this->db->get($this->config->item('table_name'));
@@ -49,6 +65,13 @@ class Qslprint_model extends CI_Model {
 	}
 
 	function delete_from_qsl_queue($id) {
+		// be sure that QSO belongs to user
+		$CI =& get_instance();
+		$CI->load->model('logbook_model');
+		if (!$CI->logbook_model->check_qso_is_accessible($id)) {
+			return;
+		}
+
 		$data = array(
 			'COL_QSL_SENT' => "N",
 		);
@@ -60,6 +83,13 @@ class Qslprint_model extends CI_Model {
 	}
 
 	function add_qso_to_print_queue($id) {
+		// be sure that QSO belongs to user
+		$CI =& get_instance();
+		$CI->load->model('logbook_model');
+		if (!$CI->logbook_model->check_qso_is_accessible($id)) {
+			return;
+		}
+
 		$data = array(
 			'COL_QSL_SENT' => "R",
 		);
@@ -72,6 +102,8 @@ class Qslprint_model extends CI_Model {
 
 	function open_qso_list($callsign) {
 		$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
+		// always filter user. this ensures that no inaccesible QSOs will be returned
+		$this->db->where('station_profile.user_id', $this->session->userdata('user_id'));
 		$this->db->where('COL_CALL like "%'.$callsign.'%"');
 		$this->db->where('coalesce(COL_QSL_SENT, "") not in ("R", "Q")');
 		$this->db->order_by("COL_TIME_ON", "ASC");