From 883277125acc7274ab929c6fb4d9d7cc43267194 Mon Sep 17 00:00:00 2001
From: Sebastiaan Janssen
Date: Tue, 26 Mar 2013 13:27:46 -0100
Subject: [PATCH] Can't use parameters here as the query gets butchered.
---
 src/umbraco.editorControls/DefaultDataKeyValue.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/umbraco.editorControls/DefaultDataKeyValue.cs b/src/umbraco.editorControls/DefaultDataKeyValue.cs
index 03b5508369..e3c6f9a9ba 100644
--- a/src/umbraco.editorControls/DefaultDataKeyValue.cs
+++ b/src/umbraco.editorControls/DefaultDataKeyValue.cs
@@ -25,7 +25,7 @@ namespace umbraco.editorControls
 // Don't query if there's nothing to query for..
 if (string.IsNullOrWhiteSpace(Value.ToString()) == false)
 {
- IRecordsReader dr = SqlHelper.ExecuteReader("Select [value] from cmsDataTypeprevalues where id in (@id)", SqlHelper.CreateParameter("id", Value.ToString()));
+ IRecordsReader dr = SqlHelper.ExecuteReader("Select [value] from cmsDataTypeprevalues where id in (" + SqlHelper.EscapeString(Value.ToString()) + ")");
 while (dr.Read())
 {
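Review bot: The new `ExecuteReader` call concatenates `Value.ToString()` into an unquoted `in (...)` list, where `SqlHelper.EscapeString` gives little protection if it only escapes quote characters (its implementation is not visible here), because a numeric context needs no quote to alter the statement. Since `Value` appears to hold a comma-separated list of prevalue ids, it should be validated as integers before the SQL is built, e.g. `var ids = Value.ToString().Split(',').Select(s => int.Parse(s.Trim()));` followed by `"... where id in (" + string.Join(",", ids) + ")"`; this needs `System.Linq` in scope and should skip the query on a parse failure rather than run it. A short comment above the call saying why a single `@id` parameter cannot carry the list would also help the next reader. The enclosing method starts and ends outside the hunk, so whether `dr` is disposed cannot be judged from here.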