first of all im new to Stackoverflow and PHP so dont be to hard to me.
Im struggling this week with a sql query:
SET @i=0;UPDATE highscores SET ranking=@i:=(@i+1) ORDER BY highscore DESC;
i use this sql query because i have a table called 'highscores' and columns called highscore and ranking. this code helps me to automatic organize the ranking system(so the highest highscores get rank 1 etc.(no same rank with the same amount of highscore)), but since im using php and want to it be secure with prepared statements of PDO im really confused how to do it. i need some examples how to convert this sql query to a secured pdo prepared statement so code sniffers wont get into the database. this is the code which works:
$stmt = $db->prepare("SET @i=0;UPDATE highscores SET ranking=@i:=(@i+1) ORDER BY highscore DESC;
$stmt->execute();
but as you see its not secured. i tried with arrays and bindparams but im really confused how to actually get it working while its secured. i hope you guys can help me cuz im struggling with this like 3 days.