From 6c5904ba7fd0e3e62aebebfa07185dba73f68d6b Mon Sep 17 00:00:00 2001
From: Kevin Decherf <kevin@kdecherf.com>
Date: Mon, 27 Nov 2017 22:48:17 +0100
Subject: [PATCH] Replace raw query with named parameter

Fix possible issue with special chars on #3139

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
---
 app/DoctrineMigrations/Version20170719231144.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/DoctrineMigrations/Version20170719231144.php b/app/DoctrineMigrations/Version20170719231144.php
index 0c749150..265b539a 100644
--- a/app/DoctrineMigrations/Version20170719231144.php
+++ b/app/DoctrineMigrations/Version20170719231144.php
@@ -42,12 +42,13 @@ class Version20170719231144 extends AbstractMigration implements ContainerAwareI
             $label = $duplicates['LOWER(label)'];
 
             // Retrieve all duplicate tags for a given tag
-            $tags = $this->connection->query('
+            $tags = $this->connection->createQuery('
                 SELECT id
                 FROM   ' . $this->getTable('tag') . "
-                WHERE  LOWER(label) = '" . $label . "'
+                WHERE  LOWER(label) = :label
                 ORDER BY id ASC"
             );
+            $tags->setParameter('label', $label);
             $tags->execute();
 
             $first = true;
-- 
2.41.0