What is params for?

I am going through the "Agile Web Application Development With Yii" book.

In the book there’s a piece of code that I don’t understand:




public function actionIndex()
{
    $dataProvider=new CActiveDataProvider('Issue', array(
        'criteria'=>array(
            'condition'=>'project_id=:projectId',
            'params'=>array(':projectId'=>$this->_project->id),
        ),
    ));



What is line 6 used for?

It passes the parameter (param) to the line above it. Simply a convenience to keep the condition parameter clean and readable.

Matt

Because




public function actionIndex() {
    $dataProvider=new CActiveDataProvider('Issue', array(
        'criteria'=>array(
            'condition'=>'project_id='.$_GET['project_id'],
        ),
    ));



is a big hole for SQL injections.

This makes a lot more sense now, thank you.

And it really does make things a little cleaner.
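
The difference between the two snippets in this thread (a `:projectId` placeholder with `params` versus a concatenated `condition`), shown as an added example that is not part of the original posts or the book. It assumes plain PDO with the pdo_sqlite extension as a stand-in for the Yii data provider; the table contents, the request value and the function names `issuesConcatenated` and `issuesBound` are constructed for illustration.

```php
<?php
// Added example: plain PDO with in-memory SQLite stands in for the Yii data provider.
// Table contents and the request value below are constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE issue (id INTEGER PRIMARY KEY, project_id INTEGER, name TEXT)');
$pdo->exec("INSERT INTO issue (project_id, name) VALUES
    (1, 'Login page typo'), (1, 'Broken link'), (2, 'Payroll export bug')");

// Concatenated condition, as in the second snippet:
// the value becomes part of the SQL text and is parsed as SQL.
function issuesConcatenated(PDO $pdo, $projectId)
{
    $sql = 'SELECT name FROM issue WHERE project_id=' . $projectId;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Placeholder plus params, as in the book's snippet: the SQL text is fixed and
// the value is sent separately, so it can only ever be compared as data.
function issuesBound(PDO $pdo, $projectId)
{
    $stmt = $pdo->prepare('SELECT name FROM issue WHERE project_id=:projectId');
    $stmt->execute(array(':projectId' => $projectId));
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed request value that is not a plain integer.
$fromRequest = '1 OR 1=1';

// The extra text is parsed as SQL, so the filter no longer restricts to project 1.
echo count(issuesConcatenated($pdo, $fromRequest)), " rows (concatenated)\n";

// The whole string is compared to project_id as a single value.
echo count(issuesBound($pdo, $fromRequest)), " rows (bound)\n";

// A well-formed id is matched normally by the bound query.
echo count(issuesBound($pdo, '1')), " rows (bound, id 1)\n";
```

Comparing the first two counts shows why `params` is more than a readability convenience: only the concatenated query lets the request value change which rows the condition selects.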