Menu
Howdy?
Basically i have not been able to find anything stating otherwise that
[code=php]
$sth->execute(array($var1, $var2));
Executing with the parameters included is equal to
[code=php]
$sth->bindParam(1, $var1, PDO::PARAM_INT);
$sth->bindParam(2, $var2, PDO::PARAM_STR, 12);
$sth->execute();
Executing with the parameters defined in bindParam() Security wise.
Using bindParam seems more secure to me because it defines the data type.. (like PDO:?ARAM_INT)
Can anyone Clarify if either is superior to the other in security, Please and Thanks ?