
addiks/stored-sql
=================

For handling, modeling and executing stored SQL (functions, queries, conditions, ...) in different contexts

v0.1.7 (1y ago) | MIT | PHP >=8.1

[Source](https://github.com/addiks/stored-sql) | [Packagist](https://packagist.org/packages/addiks/stored-sql)

Stored SQL
==========


WARNING: Unfinished, Work in progress!
--------------------------------------


This library provides a very flexible and dynamic toolset to analyse and manipulate SQL statements and SQL segments. In contrast with other SQL libraries, it can deal with snippets of SQL. A snippet like `WHERE foo.bar = "Lorem"` is a perfectly fine and valid piece of SQL. It may not be runnable on a server by itself (and this library knows this), but it can be worked with even if the rest of the query is unknown and/or missing.

The main purpose of this is to be able to store SQL parts in the database and use them as very flexible, user-definable rules that can easily be validated and merged into a real SQL query that then runs on the server.

For example, if you have a warehousing system and want to determine which warehouse should fulfill a delivery, and want this rule to be user-definable and changeable at any time, you could store the rules in the database like this:

| ID  | warehouse_name     | delivery_rule                                                                | priority |
|-----|--------------------|------------------------------------------------------------------------------|----------|
| jkl | QA (Handles 3%)    | `WHERE RANDOM() % 30 = 1`                                                    | 1000     |
| ghi | Nightshift         | `WHERE TIME() NOT BETWEEN "06:00" AND "20:00"`                               | 400      |
| def | Warehouse for USA  | `LEFT JOIN deliveries d ON(w.id = d.warehouse) WHERE d.countryCode = "USA"` | 200      |
| abc | Fallback Warehouse | `WHERE 1`                                                                    | 100      |

As you can see, we have stored very complex rules in the database without the need for any additional tables and in a way that can make use of the complete SQL capabilities.

The security question
---------------------


So, to answer the obvious next question: Why is this not a huge security risk? What if someone enters a "rule" like `DROP TABLE orders`? Would that not delete the whole orders table?

The answer to that is: No, it would simply produce an error.

Every SQL snippet is tokenized and parsed into an AST. You only need to look at the root nodes to understand what the query is. A snippet like `LEFT JOIN foo f ON(f.a=b.id) WHERE f.bar=e.baz` would produce just two root nodes: a `SqlAstJoin` node and a `SqlAstWhere` node, so you can control very easily which types of SQL snippets are allowed and which should be rejected.

In addition, the parser is built in a modular way so that you can limit the SQL that it understands. If you know that at a certain point you expect only `ORDER BY` snippets with a very simple condition consisting of only simple operations and a few functions like `COUNT` or `SUM`, then include only these modules in the parser. If someone tries to be sneaky and submits something like `ORDER BY EVAL("DROP TABLE orders")`, the parser will reject the unexpected call to the "EVAL" function.

This also automatically excludes any type of SQL specialities that might be a loophole, because these specialities are not included in this SQL library (unless you code that in yourself).

In short: This library gives YOU control over what SQL is allowed and what is not allowed. You define a whitelist, and anything not on that whitelist is rejected (similar to an HTML filter in a forum).
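The allow-list idea from this section, as an added TypeScript example. It is not code from addiks/stored-sql and does not use its API: `checkSnippet`, `rootAt`, `tokenize` and the keyword lists are hypothetical names, and the check works on a flat token stream with parenthesis depth rather than a real AST.

```typescript
// Added illustration, not the addiks/stored-sql API: every name here is hypothetical.
type Verdict = { ok: boolean; roots: string[]; reason: string };

// Clause keywords that open a root node in this toy grammar (two-word forms first).
const ROOT_KEYWORDS = ["LEFT JOIN", "ORDER BY", "JOIN", "WHERE", "DROP", "DELETE", "UPDATE", "INSERT", "SELECT"];
// Words that may precede "(" without being a function call, e.g. ON(...).
const NON_FUNCTION_WORDS = ["ON", "AND", "OR", "NOT", "IN"];

function tokenize(sql: string): string[] {
  // Quoted strings, dotted identifiers, numbers, then any single punctuation character.
  return sql.match(/"[^"]*"|'[^']*'|[A-Za-z_][\w.]*|\d+|[^\s\w]/g) ?? [];
}

// Returns the root keyword starting at token i, or null if there is none.
function rootAt(tokens: string[], i: number): string | null {
  const one = (tokens[i] ?? "").toUpperCase();
  const two = one + " " + (tokens[i + 1] ?? "").toUpperCase();
  return ROOT_KEYWORDS.find((k) => k === two || k === one) ?? null;
}

function checkSnippet(sql: string, allowedRoots: string[], allowedFunctions: string[]): Verdict {
  const tokens = tokenize(sql);
  const roots: string[] = [];
  const reject = (reason: string): Verdict => ({ ok: false, roots, reason });
  if (rootAt(tokens, 0) === null) return reject("snippet does not start with a known clause");
  let depth = 0;
  for (let i = 0; i < tokens.length; i++) {
    const tok = tokens[i] ?? "";
    if (tok === "(") depth++;
    if (tok === ")") depth--;
    const root = depth === 0 ? rootAt(tokens, i) : null;
    if (root !== null) {
      // Root nodes decide what kind of snippet this is: allow-list them.
      if (!allowedRoots.includes(root)) return reject(`root clause ${root} is not allowed`);
      roots.push(root);
      if (root.includes(" ")) i++; // skip the second word of a two-word keyword
      continue;
    }
    // An identifier directly followed by "(" is a function call: allow-list it too.
    const word = tok.toUpperCase();
    const isCall = /^[A-Za-z_]/.test(tok) && tokens[i + 1] === "(" && !NON_FUNCTION_WORDS.includes(word);
    if (isCall && !allowedFunctions.includes(word)) return reject(`function ${word} is not allowed`);
  }
  return { ok: true, roots, reason: "" };
}
```

Calling `checkSnippet('ORDER BY EVAL("DROP TABLE orders")', ["ORDER BY"], ["COUNT", "SUM"])` returns a rejection naming `EVAL`, while the `LEFT JOIN ... WHERE ...` snippet above passes with the roots `LEFT JOIN` and `WHERE`.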

The client side
---------------


This library has two sides: A server side in PHP, and a client side written in Typescript. Both parts contain the same dynamic SQL parser, but the client side also contains some UI code to provide the user with an easy-to-use widget to modify the SQL parts. After all, not everyone understands SQL.

Both sides (client and server) are tested against the same set of fixtures to ensure that both parsers are compatible.

Warning: the client side is far from finished and needs much work.


###  Code Quality

Tests: PHPUnit

Static Analysis: PHPStan, Psalm

Type Coverage: Yes

