itrn0 / php-sql-interpolator

A library for interpolating variables into SQL strings in a safe and simple way.

Maintainers

Details

github.com/itrn0/php-sql-interpolator

Source

Issues

Installs: 140

Dependents: 1

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.1.0 2023-02-10 08:42 UTC

Requires

php: >=5.6

Requires (Dev)

phpunit/phpunit: ^9.5

Suggests

None

Provides

None

Conflicts

None

Replaces

None

MIT b126a1f98b1b310a93549a4ad829dcfa6784d621

itrn0

dev-master
v1.1.0
v1.0.0

This package is auto-updated.

Last update: 2025-04-10 13:50:53 UTC

README

PHP SQL Interpolator is a library that allows you to safely interpolate variables into SQL queries. The library is designed to prevent SQL injection.

Installation

You can install the library via composer:

composer require itrn0/php-sql-interpolator

Usage

To use the library, you need to create a new instance of the SqlInterpolator class and use the __invoke method to interpolate variables into your SQL query.

$interp = new SqlInterpolator();
$userId = 1002;
$query = <<<SQL
    SELECT * FROM users WHERE id = {$interp($userId)} 
        OR name IN ({$interp('Alice', 'Bob')})
SQL;
$params = $interp->getParams(); // { ":param_1" => 1002, ... }

// database query example
$db->query($query, $params);