Fix escaping

diff --git a/CRM/Utils/File.php b/CRM/Utils/File.php
index 5bfbd9dfc4cb5fc4b9689f0893910ba28ccab4fd..485280bd74388dff1f7e43e6945ee069cb96606b 100644 (file)
--- a/CRM/Utils/File.php
+++ b/CRM/Utils/File.php
@@ -312,7 +312,7 @@ class CRM_Utils_File {
     }
     $db->query('SET NAMES utf8');
     $transactionId = CRM_Utils_Type::escape(CRM_Utils_Request::id(), 'String');
-    $db->query('SET @uniqueID = ' . $transactionId);
+    $db->query('SET @uniqueID = ' . "'$transactionId'");
 
     if (!$isQueryString) {
       $string = $prefix . file_get_contents($fileName);