Hi
We are using many times findFirst to load first item based on user value
function userItem($id)
{
return User::findFist($id); // maye be User::find();
}
I want to know does it automatically does clean on SQL injections? Or do I have to use "bind => array(...)" instead ?