6
Do use queryF with CAUTION. queryF will execute your SQL no matter what request method is used - GET or POST - so if your variables are coming from $_GET you should be ABSOLUTELY certain that it has not been tampered with and that it is indeed an integer (which you can do with intval($variable) to avoid SQL injection.