diff --git a/threadr/board/board.php b/threadr/board/board.php index 62b8a4c..3fc876c 100644 --- a/threadr/board/board.php +++ b/threadr/board/board.php @@ -3,8 +3,8 @@ $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w $error = false; $error_message = ""; if (!$error) { - $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id='$id' ORDER BY post_time asc"); - $statement->execute(); + $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:id ORDER BY post_time asc"); + $statement->execute(array("id"=>$id)); foreach($statement->fetchAll() as $ROW) { echo "
" echo "

$ROW[id]

"