info/php-the-right-way
1
0
Fork 0
mirror of https://github.com/codeguy/php-the-right-way.git synced 2025-08-22 21:22:54 +02:00
Code Issues Projects Releases Wiki Activity

Remove filter_input from PDO example

Browse Source
This commit is contained in:
=
2012-07-16 17:25:27 -04:00
parent 040691ca99
commit f01b1b860b
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
_posts/06-01-01-Databases.md
View File

@@ -43,7 +43,7 @@ you should sanitize the ID input using PDO bound parameters.
<?php
$pdo = new PDO('sqlite:users.db');
$stmt = $pdo->prepare('SELECT name FROM users WHERE id = :id');
$stmt->bindParam(':id', filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT), PDO::PARAM_INT);
$stmt->bindParam(':id', $_GET['id'], PDO::PARAM_INT); //<-- Automatically sanitized by PDO
$stmt->execute();
{% endhighlight %}