Permalink
Browse files

Adding functionality to fetch() to use bindParams for secure sanitize…

…d where clauses
  • Loading branch information...
dragoonis committed Dec 13, 2011
2 parents 394f66d + c88e1f0 commit 97dcb060cc9e5bc247020d51ebfe7bce21b17341
Showing with 4 additions and 0 deletions.
  1. +4 −0 PPI/DataSource/PDO/ActiveQuery.php
@@ -106,6 +106,7 @@ function find($id) {
}
function fetch(array $where, array $params = array()) {
+<<<<<<< HEAD
$clause = '';
foreach($where as $field => $val) {
@@ -114,6 +115,9 @@ function fetch(array $where, array $params = array()) {
$clause = str_replace(',', ' AND ', rtrim($clause, ','));
$query = "SELECT * FROM {$this->_meta['table']} WHERE $clause";
return $this->_conn->fetchAssoc($query, $params);
+=======
+ return $this->_conn->fetchAssoc("SELECT * FROM {$this->_meta['table']} WHERE $where", $params);
+>>>>>>> c88e1f02c04aa73424e4e66661ba0db66c4a6887
}
function insert(array $data) {

0 comments on commit 97dcb06

Please sign in to comment.