Refactor customer profile query to use prepared

HashJProgramming · HashJProgramming · commit db5f5a436c87 · 2023-11-16T20:19:22.000+08:00
statement
diff --git a/profile-customer.php b/profile-customer.php
@@ -15,7 +15,14 @@
 $stmt->execute();
 $results = $stmt->fetchAll();
 
-$customer_fullname = $results[0]['fullname'];
+$sql = 'SELECT fullname 
+        FROM customers 
+        WHERE id = :id';
+$stmt = $db->prepare($sql);
+$stmt->bindParam(':id', $customer_id);
+$stmt->execute();
+$info = $stmt->fetch();
+$customer_fullname = $info['fullname'];
 
 ?>
 
