From c96119c47f56279b070b32c33f410b014014502d Mon Sep 17 00:00:00 2001
From: Patryk Hegenberg <hegenberg@tixeltec.com>
Date: Wed, 14 Dec 2022 08:31:40 +0100
Subject: [PATCH] Section 2 finished.

---
 Database.php |  4 ++--
 index.php    | 12 ++++++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/Database.php b/Database.php
index 5e76ce3..c286423 100644
--- a/Database.php
+++ b/Database.php
@@ -8,9 +8,9 @@ class Database {
         $dsn = 'mysql:'.http_build_query($config, '', ';');
         $this->connection  = new PDO($dsn, $username, $password, [PDO::ATTR_DEFAULT_FETCH_MODE=> PDO::FETCH_ASSOC]);
     }
-    public function query($query) {
+    public function query($query, $params = []) {
         $statement = $this->connection->prepare($query);
-        $statement->execute();
+        $statement->execute($params);
         return $statement;
     }
 }
\ No newline at end of file
diff --git a/index.php b/index.php
index a1df2a5..4203a55 100644
--- a/index.php
+++ b/index.php
@@ -1,11 +1,19 @@
 <?php
 require 'functions.php';
 require 'Database.php';
-require 'router.php';
+//require 'router.php';
 $username = 'appUser';
 $password = 'password';
 $config = require('config.php');
 $db = new Database($config['database'], $username, $password);
-$posts = $db->query("SELECT * FROM posts")->fetchAll(PDO::FETCH_ASSOC);
+$id = $_GET['id'];
+// Variante 1
+$query = "SELECT * FROM posts WHERE id = ?";
+$posts = $db->query($query, [$id])->fetchAll(PDO::FETCH_ASSOC);
+// Variante 2
+//$query = "SELECT * FROM posts WHERE id = :id";
+//$posts = $db->query($query, [':id' => $id])->fetchAll(PDO::FETCH_ASSOC);
+// Beide Varianten machen inhaltlich das Gleiche.
+// freie Wahl, welche der beiden Varianten bevorzugt wird.
 
 dd($posts);
\ No newline at end of file