mirror of https://github.com/dg/dibi.git synced 2025-02-22 18:02:25 +01:00

readme: some minor corrections (#331)

magikstm 2019-05-29 07:44:50 -04:00 committed by David Grudl
parent 7e127f5914
commit 219882a962

@ -110,7 +110,7 @@ $ids = [10, 20, 30];
$result = $database->query('SELECT * FROM users WHERE id IN (?)', $ids);
```
**WARNING, never concencate parameters to SQL, the vulnerability would arise [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)**
**WARNING: Never concatenate parameters to SQL. It would create a [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)** vulnerability.
```
$result = $database->query('SELECT * FROM users WHERE id = ' . $id); // BAD!!!
```
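Review bot: In the new warning line the closing `**` comes right after the link, so the final word "vulnerability." falls outside the bold text and the warning renders half emphasized. Move the closing `**` to the end of the sentence, after "vulnerability.", so the whole warning is bold as it was in the line being replaced. While touching this block, the fence around the `// BAD!!!` example could carry a `php` tag to match how the line is meant to be read.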
@ -147,7 +147,7 @@ $name = $database->fetchSingle('SELECT name FROM users WHERE id = ?', $id);
### Modifiers
In addition to the `?` wild char, we can also use modifiers:
In addition to the `?` wildcard char, we can also use modifiers:
| modifier | description
|----------|-----
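Review bot: "wildcard char" in the new sentence is still an awkward name for `?`, which in the surrounding examples (`WHERE id = ?`, `$id`) is a parameter placeholder. In SQL "wildcard" normally refers to the `%` and `_` pattern characters of `LIKE`, so a reader may confuse the two. Suggest "In addition to the `?` placeholder, we can also use modifiers:".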