MySQL Placeholders and Order By

Permalink
I am trying to use place holders on the Order By portion a query. I can use the question mark for the Where part of the query, like this:

$faqs = $db->GetAll('SELECT * from WebliQuestions WHERE category = ? ORDER BY author desc', array($category))


But if I try to add some questions marks so I can pass different data to the Order By it doesn't work, the results are not ordered correctly:

$faqs = $db->GetAll('SELECT * from WebliQuestions WHERE category = ? ORDER BY ? ?', array($category, 'author', 'desc'));


When the query is a GetALL is there a concern for injection? I saw some examples in the core that have lead me to believe this might be OK:

if($category == 1){
  $query = 'SELECT * from WebliQuestions ORDER BY ' . $this->sortBy . ' ' . $this->sortByDirection;
} else {
  $query = 'SELECT * from WebliQuestions WHERE category = ' . $this->category. ' ORDER BY ' . $this->sortBy . ' ' . $this->sortByDirection;
}
$results = $db->GetAll($query);


The above code does what I want to do, but is it a safe way to do it? Any suggestions?
-thanks

pvernaglia