For example, I need to use digits for input from a url-based query
So I want to use ctype_digit
to make sure that the queries are only numbers, and if I were to bind the parameter just to be safe, which one should I do first, or is it redundant to do both?
I currently have this implemented on a garbage-site (something I lazily put together)
I bind the parameter from the parsed-url then within the results (after the bind part)
I display the entry if the id is a digit, this sounds stupid I know like what the hell am I thinking? I don't know.
I should have ctype_digit it before I bound it, or none at all... I don't get what bind_param does, I looked at the manual...
Binds variables to a prepared statement as parameters
That's all that it does, no filtering?
The correct workflow is: