Use prepared statement rather than direct SQL

[galette.git] / galette / lib / Galette / Entity / Reminder.php

diff --git a/galette/lib/Galette/Entity/Reminder.php b/galette/lib/Galette/Entity/Reminder.php
index c949aef84a766c1a31f827a922a7fb556c16e74a..e7443c615093f43dd1db9c9321d2cd9621377447 100644 (file)
--- a/galette/lib/Galette/Entity/Reminder.php
+++ b/galette/lib/Galette/Entity/Reminder.php
@@ -111,7 +111,7 @@ class Reminder
         try {
             $select = $zdb->select(self::TABLE);
             $select->limit(1)
-                ->where(self::PK . ' = ' . $id);
+                ->where([self::PK => $id]);
 
             $results = $zdb->execute($select);
             $this->loadFromRs($results->current());