diff --git a/app/devices/device_edit.php b/app/devices/device_edit.php
index a8b3e01de0..599a00eb0a 100644
--- a/app/devices/device_edit.php
+++ b/app/devices/device_edit.php
@@ -137,11 +137,11 @@
 				$_POST["device_mac_address"] = $device_mac_address;
 			}
 			else {
-				$orm = new orm;
-				$orm->name('devices');
-				$orm->uuid($device_uuid);
-				$result = $orm->find()->get();
-				//$message = $orm->message;
+				$sql = "select * from v_devices ";
+				$sql .= "where device_uuid = '$device_uuid' ";
+				$prep_statement = $db->prepare(check_sql($sql));
+				$prep_statement->execute();
+				$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
 				foreach ($result as &$row) {
 					$device_mac_address = $row["device_mac_address"];
 					$_POST["device_mac_address"] = $device_mac_address;
@@ -341,11 +341,11 @@
 
 //pre-populate the form
 	if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
-		$orm = new orm;
-		$orm->name('devices');
-		$orm->uuid($device_uuid);
-		$result = $orm->find()->get();
-		//$message = $orm->message;
+		$sql = "select * from v_devices ";
+		$sql .= "where device_uuid = '$device_uuid' ";
+		$prep_statement = $db->prepare(check_sql($sql));
+		$prep_statement->execute();
+		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
 		foreach ($result as &$row) {
 			$device_mac_address = $row["device_mac_address"];
 			$domain_uuid = $row["domain_uuid"];