示例#1
文件: db.php 项目: spyre/emiral
    }
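    /**
     * Look up rows in `users` by id and print every matching row.
     *
     * The id reaches this method from the HTTP request and is untrusted, so
     * it is sent as a bound parameter of a prepared statement and is never
     * concatenated into the SQL text. Row contents are HTML-escaped before
     * being echoed because the output is written into an HTML page.
     *
     * NOTE(review): assumes $this->conn is a mysqli connection (the code
     * relies on ->num_rows and ->fetch_assoc()) — confirm against the
     * constructor, which is not visible here.
     * NOTE(review): SELECT * combined with print_r echoes every column of
     * the row; if `users` stores credentials or other sensitive fields they
     * are disclosed to the requester — consider an explicit column list.
     *
     * @param mixed $id User id to look up; non-scalar values are rejected.
     * @return void Results are written directly to the response with echo.
     */
    function findUserByIdSecure($id)
    {
        // A non-scalar value (e.g. an array from ?userid[]=1) can never be a
        // valid id; refuse it instead of letting it be cast to "Array".
        if (!is_scalar($id)) {
            echo "Nothing to display";
            return;
        }

        // Placeholder query: the SQL text is constant, so attacker-supplied
        // input cannot change the structure of the statement.
        $stmt = $this->conn->prepare('SELECT * FROM users where id = ?');
        if ($stmt === false) {
            // Keep database error details out of the response.
            error_log('findUserByIdSecure: prepare failed');
            echo "Nothing to display";
            return;
        }

        // Bound as a string because the column type is not visible from
        // here; the server performs the comparison coercion.
        $idParam = (string) $id;
        $stmt->bind_param('s', $idParam);

        // get_result() needs the mysqlnd driver.
        $result = $stmt->execute() ? $stmt->get_result() : false;
        if ($result === false) {
            error_log('findUserByIdSecure: query execution failed');
            echo "Nothing to display";
            $stmt->close();
            return;
        }

        if ($result->num_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                // Stored values may contain markup; escape them so they are
                // rendered as text rather than interpreted by the browser.
                echo htmlspecialchars(print_r($row, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                echo '<br/>';
            }
        } else {
            echo "Nothing to display";
        }

        $result->free();
        $stmt->close();
    }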
}
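// Request handling: the `userid` parameter is attacker-controlled. Accept it
// only when it parses as a single integer; arrays, empty strings and any
// text carrying SQL fragments are rejected before a database link is opened.
// NOTE(review): assumes users.id is an integer key (the query compares it
// against an unquoted value) — confirm against the schema.
$rawUserId = isset($_REQUEST['userid']) ? $_REQUEST['userid'] : null;
$userId = filter_var($rawUserId, FILTER_VALIDATE_INT);

// Strict comparison: an id of 0 is a valid integer and must not be treated
// as a validation failure.
if ($userId !== false) {
    $link = new DbLink();
    $link->findUserByIdSecure($userId);
    $link->disconnect();
} else {
    echo 'nothing to select!<br/>';
}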
?>

	<form>
		User id: <input type="text" name="userid"/>
		<br/>
		<input type="submit"/>
	</form>
</body>
</html>