Refactor xPDO->sanitizePKCriteria to use prepared statments

Author: opengeek

src/xPDO/xPDO.php

@@ -2750,20 +2750,19 @@ protected function sanitizePKCriteria($className, &$criteria) {
         if (is_scalar($criteria)) {
             $pkType = $this->getPKType($className);
             if (is_string($pkType)) {
-                if (is_string($criteria) && !xPDOQuery::isValidClause($criteria)) {
-                    $criteria = null;
-                } else {
-                    switch ($pkType) {
-                        case 'int':
-                        case 'integer':
-                            $criteria = (int)$criteria;
-                            break;
-                        case 'string':
-                            if (is_int($criteria)) {
-                                $criteria = (string)$criteria;
-                            }
+                $pk = $this->getPK($className);
+                switch ($pkType) {
+                    case 'int':
+                    case 'integer':
+                        if (!is_numeric($criteria)) {
+                            $criteria = null;
                             break;
-                    }
+                        }
+                        $criteria = [$pk => (int)$criteria];
+                        break;
+                    case 'string':
+                        $criteria = [$pk => (string)$criteria];
+                        break;
                 }
             } elseif (is_array($pkType)) {
                 $criteria = null;