Is it secure to call __construct()
in login or sign up class this way:
function __construct(PDO $DBH, $_POST['1'], $_POST['2'])
{
$this->_user=$_POST['1'];
$this->_pass=$_POST['2'];
$this->_DBH=$DBH;
}
I want to sanitize user input later inside this class and I'm not sure would my code be ripe for SQL injection or XSS because of class costructed with raw POST input?