Is this secure enough?

I'm new with PDO, and I just wanted to know if this code:

$string = $_POST['string'];
$matches = $SQL->prepare("SELECT * FROM `users` WHERE `name` LIKE ?");
$matches->execute(array('%'.$string.'%'));

foreach($matches->fetchAll() as $match) {
    echo $match["name"开发者_开发问答]."<br/>";
}

Is secure enough? I just wan't to be sure and prevent from hacking. This code will withdraw all users from the database with name like in the $string variable.

Feel free to post your solutions also!

PDO will automatically escape any input given to it before executing the query, so in terms of an SQL injection attack, it is safe.