From deba97cc4ec71e943119f7cdd3e0d777b60ffffc Mon Sep 17 00:00:00 2001
From: hatorikibble <at.peter.mayr@gmail.com>
Date: Mon, 30 Nov 2015 21:01:21 +0100
Subject: [PATCH 1/2] use quote_identifiers for problematic column names

---
 lib/DBIx/Class/Fixtures.pm | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/DBIx/Class/Fixtures.pm b/lib/DBIx/Class/Fixtures.pm
index 574ec3a..eb6ca43 100644
--- a/lib/DBIx/Class/Fixtures.pm
+++ b/lib/DBIx/Class/Fixtures.pm
@@ -1402,7 +1402,13 @@ sub populate {
              $self->msg("- updating sequence $sequence");
             $rs->result_source->storage->dbh_do(sub {
               my ($storage, $dbh, @cols) = @_;
-              $self->msg(my $sql = "SELECT setval('${sequence}', (SELECT max($column) FROM ${table}));");
+              $self->msg(
+			 my $sql = "SELECT setval('${sequence}', (SELECT max("
+			 .$dbh->quote_identifier($column)
+			 .") FROM "
+			 .$dbh->quote_identifier(${table})
+			 ."));"
+			);
               my $sth = $dbh->prepare($sql);
               my $rv = $sth->execute or die $sth->errstr;
               $self->msg("- $sql");

From b788f241aa3e3efecbace8e40151ae2c204eb468 Mon Sep 17 00:00:00 2001
From: hatorikibble <at.peter.mayr@gmail.com>
Date: Tue, 1 Dec 2015 09:27:27 +0100
Subject: [PATCH 2/2] added bind_param

---
 lib/DBIx/Class/Fixtures.pm | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/lib/DBIx/Class/Fixtures.pm b/lib/DBIx/Class/Fixtures.pm
index eb6ca43..c0df026 100644
--- a/lib/DBIx/Class/Fixtures.pm
+++ b/lib/DBIx/Class/Fixtures.pm
@@ -1403,13 +1403,11 @@ sub populate {
             $rs->result_source->storage->dbh_do(sub {
               my ($storage, $dbh, @cols) = @_;
               $self->msg(
-			 my $sql = "SELECT setval('${sequence}', (SELECT max("
-			 .$dbh->quote_identifier($column)
-			 .") FROM "
-			 .$dbh->quote_identifier(${table})
-			 ."));"
-			);
+			 my $sql = sprintf("SELECT setval(?, (SELECT max(%s) FROM %s));",$dbh->quote_identifier($column),$dbh->quote_identifier($table))
+		       );
               my $sth = $dbh->prepare($sql);
+                 $sth->bind_param(1,$sequence);
+
               my $rv = $sth->execute or die $sth->errstr;
               $self->msg("- $sql");
             });