public function getAll(array $filters = [], $count = 10, $start = 0)
{
$temp = new Models\Picture();
//This along with pdo prepared statements should prevent a sql injection attack
$columns = $this->converter->filterArrayToSqlColumns($filters, $temp);
$whereClause = empty($columns) ? '' : 'WHERE ' . implode('=? AND ', array_keys($columns)) . '=?';
$query = $this->pdo->prepare("SELECT * FROM picture {$whereClause} LIMIT {$start}, {$count}");
$entities = $query->execute(array_values($columns)) ? $query->fetchAll(\PDO::FETCH_ASSOC) : [];
return $this->converter->entityArraysToModels($entities, $temp);
}
