diff --git a/reference/pdo/pdo/prepare.xml b/reference/pdo/pdo/prepare.xml index 6835de16ee..fd3bd86c7b 100644 --- a/reference/pdo/pdo/prepare.xml +++ b/reference/pdo/pdo/prepare.xml @@ -22,6 +22,8 @@ for which real values will be substituted when the statement is executed. You cannot use both named and question mark parameter markers within the same SQL statement; pick one or the other parameter style. + Use these parameters to bind any user-input, do not include the user-input + directly in the query. You must include a unique parameter marker for each value you wish to pass
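Review bot: The added sentence in the prepare.xml hunk is a comma splice and hyphenates "user-input" as if it were an adjective; as documentation text it should read as two clauses, e.g. "Use these parameters to bind any user input; never interpolate user input directly into the SQL string." It would also help readers to say why: binding through parameter markers keeps the data separate from the SQL text, which is what prevents SQL injection. Since the surrounding context says the markers are placeholders "for which real values will be substituted", consider adding one clause making clear that markers stand in for values only, so a reader does not try to bind table or column names this way.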