From 61776f1e748901bb7db12dab6b3f3e43b2d24e9c Mon Sep 17 00:00:00 2001
From: Ingo Schommer <ingo@silverstripe.com>
Date: Wed, 9 Sep 2009 23:47:56 +0000
Subject: [PATCH] MINOR Using raw2sql in CMSMain->delete()

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@85984 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 code/CMSMain.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/code/CMSMain.php b/code/CMSMain.php
index 4cd99d44..ef67acd8 100644
--- a/code/CMSMain.php
+++ b/code/CMSMain.php
@@ -621,9 +621,11 @@ JS;
 	 * Delete the current page from draft stage.
 	 * @see deletefromlive()
 	 */
-	public function delete($urlParams, $form) {
-		$id = $_REQUEST['ID'];
-		$record = DataObject::get_one("SiteTree", "\"SiteTree\".\"ID\" = $id");
+	public function delete($data, $form) {
+		$record = DataObject::get_one(
+			"SiteTree", 
+			sprintf("\"SiteTree\".\"ID\" = %d", Convert::raw2sql($data['ID']))
+		);
 		if($record && !$record->canDelete()) return Security::permissionFailure();
 		
 		// save ID and delete record