Is there any risk in using integers (and other hardcoded variables) in PDO statments?
$STH=$DBH->prepare("SELECT name FROM Employees WHERE active=1");
Seems like it would be a lot of hassle to write it like this:
$STH=$DBH->prepare("SELECT name FROM Employees WHERE active=:active_status");
(Also, is my syntax ok in the 2nd example?)