how to use prepared statements?

Hi,
How can I use prepared statements with PHPMaker 2024? Please post an example,
e.g. using QueryBuilder with prepared statements. Thanks

You may read Using Prepared Statements. Note: Conn() returns a DBAL connection object.

Hi,

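// Read the posted ID and get the DBAL connection
$newsID = Post('ID');
$conn = Conn();
// Both values are bound as parameters of the prepared statement
$sql = "SELECT NewsTitle, NewsText, PostDate FROM news WHERE ID = ? AND IsActive = ?";
$stmt = $conn->executeQuery($sql, [$newsID, 'Y']);
$row = $stmt->fetchAssociative();
// fetchAssociative() returns false when no row matches
if ($row !== false) {
    echo "Title: " . $row['NewsTitle'] . "<br>";
    echo "Text: " . $row['NewsText'] . "<br>";
    echo "Date: " . $row['PostDate'] . "<br>";
}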

What is the best scenario to increase the security in my sample code?
Which is better, RemoveXss() or AdjustSql()? Thanks

  1. RemoveXss() is used to remove dangerous code.
  2. AdjustSql() is used to adjust the single quotes in the value. If you use a prepared statement, you don’t need to use it.
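
The QueryBuilder form asked about at the top of the thread, as an added example that is not code from this thread or from PHPMaker. It assumes doctrine/dbal 3.1 or later installed via Composer with the pdo_sqlite driver; renderNews() is a hypothetical helper and the table rows are constructed. Inside PHPMaker you would pass Conn() and Post('ID') instead of the in-memory demo connection.

```php
<?php
// Added example, not PHPMaker's own code. Assumes doctrine/dbal (3.1+) via Composer.
require __DIR__ . '/vendor/autoload.php';

use Doctrine\DBAL\Connection;
use Doctrine\DBAL\DriverManager;
use Doctrine\DBAL\ParameterType;

/** Hypothetical helper: fetch one active news row and return it as escaped HTML. */
function renderNews(Connection $conn, mixed $rawId): string
{
    // Validate the input as a positive integer before it reaches the query.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'Invalid ID';
    }

    // Values are bound as typed parameters, never concatenated into the SQL text.
    $row = $conn->createQueryBuilder()
        ->select('NewsTitle', 'NewsText', 'PostDate')
        ->from('news')
        ->where('ID = :id')
        ->andWhere('IsActive = :active')
        ->setParameter('id', $id, ParameterType::INTEGER)
        ->setParameter('active', 'Y', ParameterType::STRING)
        ->executeQuery()
        ->fetchAssociative();

    if ($row === false) { // no matching row
        return 'Not found';
    }

    // Escape on output: parameter binding does not neutralise markup stored in the row.
    $e = static fn ($v): string => htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return 'Title: ' . $e($row['NewsTitle']) . '<br>'
         . 'Text: ' . $e($row['NewsText']) . '<br>'
         . 'Date: ' . $e($row['PostDate']) . '<br>';
}

// Constructed demo data in an in-memory SQLite database.
$conn = DriverManager::getConnection(['driver' => 'pdo_sqlite', 'memory' => true]);
$conn->executeStatement('CREATE TABLE news (ID INTEGER PRIMARY KEY, NewsTitle TEXT, NewsText TEXT, PostDate TEXT, IsActive TEXT)');
$conn->executeStatement(
    'INSERT INTO news VALUES (?, ?, ?, ?, ?)',
    [1, '<b>News</b>', 'Body', '2024-01-01', 'Y']
);
echo renderNews($conn, '1'), "\n";   // markup in the stored title is escaped
echo renderNews($conn, 'abc'), "\n"; // rejected by validation
```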