I have this code in my controller:
class ArchController extends Controller
{
public function actionIndex(string $date, array $rubric_id )
{
$articles = Article::find()->where('published < :date', [':date' => $date])
->andWhere(['in', 'rubric', $rubric_id])
->andWhere('ISNULL(arch)')->all();
...
It seems to me it is not safe because $rubric_id is user input. How can I make parametr binding, something like this:
‘:rubric_id’ => $rubric_id