diff --git a/Database.php b/Database.php
index 5e76ce3..c286423 100644
--- a/Database.php
+++ b/Database.php
@@ -8,9 +8,9 @@ class Database {
         $dsn = 'mysql:'.http_build_query($config, '', ';');
         $this->connection  = new PDO($dsn, $username, $password, [PDO::ATTR_DEFAULT_FETCH_MODE=> PDO::FETCH_ASSOC]);
     }
-    public function query($query) {
+    public function query($query, $params = []) {
         $statement = $this->connection->prepare($query);
-        $statement->execute();
+        $statement->execute($params);
         return $statement;
     }
 }
\ No newline at end of file
diff --git a/index.php b/index.php
index a1df2a5..4203a55 100644
--- a/index.php
+++ b/index.php
@@ -1,11 +1,19 @@
 <?php
 require 'functions.php';
 require 'Database.php';
-require 'router.php';
+//require 'router.php';
 $username = 'appUser';
 $password = 'password';
 $config = require('config.php');
 $db = new Database($config['database'], $username, $password);
-$posts = $db->query("SELECT * FROM posts")->fetchAll(PDO::FETCH_ASSOC);
+$id = $_GET['id'];
+// Variante 1
+$query = "SELECT * FROM posts WHERE id = ?";
+$posts = $db->query($query, [$id])->fetchAll(PDO::FETCH_ASSOC);
+// Variante 2
+//$query = "SELECT * FROM posts WHERE id = :id";
+//$posts = $db->query($query, [':id' => $id])->fetchAll(PDO::FETCH_ASSOC);
+// Beide Varianten machen inhaltlich das Gleiche.
+// freie Wahl, welche der beiden Varianten bevorzugt wird.
 
 dd($posts);
\ No newline at end of file