findByAttributes and SQL Injections

Hi,

i am wondering if it is safe to use:




$this->findByAttributes(array('var1' => $var1, 'var2' => $var2));



Are the parameters internally bound or do i have to use CDbCriteria to be safe of SQL Injections?

Thanks in advance.

Short answer: It’s safe, they are bound.

Thanks!