diff --git a/modules/media/php/NDB_Form_media.class.inc b/modules/media/php/NDB_Form_media.class.inc
index 68b8c72ffc5..c6d442ca288 100644
--- a/modules/media/php/NDB_Form_media.class.inc
+++ b/modules/media/php/NDB_Form_media.class.inc
@@ -52,8 +52,8 @@ class NDB_Form_Media extends NDB_Form
         // Check if media file exists, if not redirect to /media/ page
         if (isset($idMediaFile)) {
             $result = $db->pselectRow(
-                "SELECT id FROM media WHERE id = $idMediaFile",
-                []
+                "SELECT id FROM media WHERE id = :mid",
+                array('mid' => $idMediaFile)
             );
             if (count($result) < 1) {
                 header('Location: ' . $baseURL . '/media/');