Prevent blind SQL injection

The fight lives on

symphony/lib/toolkit/class.sectionmanager.php

@@ -215,6 +215,7 @@ public static function fetch($section_id = null, $order = 'ASC', $sortfield = 'n
      */
     public static function fetchIDFromHandle($handle)
     {
+        $handle = Symphony::Database()->cleanValue($handle);
         return Symphony::Database()->fetchVar('id', 0, "SELECT `id` FROM `tbl_sections` WHERE `handle` = '$handle' LIMIT 1");
     }