PHPackages                             andrewbreksa/mysql-escape-string-polyfill - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. andrewbreksa/mysql-escape-string-polyfill

ActiveLibrary[Utility &amp; Helpers](/categories/utility)

andrewbreksa/mysql-escape-string-polyfill
=========================================

mysql-escape-string-polyfill is a very insecure `mysql\_escape\_string` implementation (PHP 7.1/7.2/8.0) for a very limited use case

1.0.4(1mo ago)9832MITPHPPHP ^7.1|^7.2|^8.0CI failing

Since Mar 14Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/abreksa4/mysql-escape-string-polyfill)[ Packagist](https://packagist.org/packages/andrewbreksa/mysql-escape-string-polyfill)[ RSS](/packages/andrewbreksa-mysql-escape-string-polyfill/feed)WikiDiscussions master Synced today

READMEChangelog (5)Dependencies (2)Versions (6)Used By (0)

mysql-escape-string-polyfill
----------------------------

[](#mysql-escape-string-polyfill)

[![Build Status](https://camo.githubusercontent.com/98d48890d7c1c183f3b0881407cf59e221ad6270afc1068fdf6e57a85fa528c9/68747470733a2f2f7472617669732d63692e6f72672f616272656b7361342f6d7973716c2d6573636170652d737472696e672d706f6c7966696c6c2e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/abreksa4/mysql-escape-string-polyfill)[![codecov](https://camo.githubusercontent.com/92c960c1ab7e82327d628d22c2b398cac3c3f932c83a0bd1f8dade398a8dde67/68747470733a2f2f636f6465636f762e696f2f67682f616272656b7361342f6d7973716c2d6573636170652d737472696e672d706f6c7966696c6c2f6272616e63682f6d61737465722f67726170682f62616467652e737667)](https://codecov.io/gh/abreksa4/mysql-escape-string-polyfill)

mysql-escape-string-polyfill is a very insecure `mysql_escape_string` implementation (PHP 7.1/7.2) for a very limited use case

Usage
=====

[](#usage)

1. Install this package via composer: `composer require andrewbreksa/mysql-escape-string-polyfill`
2. Find all the places you use the `mysql_*` functions, and refactor your code to use PDO

Limitations
===========

[](#limitations)

- Uses the following map to replace characters in a string: ```
    $replacementMap = [
        "\0" => "\\0",
        "\n" => "\\n",
        "\r" => "\\r",
        "\t" => "\\t",
        chr(26) => "\\Z",
        chr(8) => "\\b",
        '"' => '\"',
        "'" => "\'",
        '_' => "\_",
        "%" => "\%",
        '\\' => '\\\\'
    ];
    ```
- Not very comprehensively tested, this will be an ongoing effort as new edge cases are discovered

Hacking on the complex source code
==================================

[](#hacking-on-the-complex-source-code)

The implementation can be found in [functions.php](./src/functions.php), and you can run tests by executing `composer test`

###  Health Score

50

—

FairBetter than 95% of packages

Maintenance88

Actively maintained with recent releases

Popularity18

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity69

Established project with proven stability

 Bus Factor1

Top contributor holds 78.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~639 days

Total

5

Last Release

59d ago

PHP version history (2 changes)1.0.0PHP ^7.1|^7.2

1.0.4PHP ^7.1|^7.2|^8.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/881e86700b490ed77a8be2ab32ba3179ca7188a2e6bd94a0f2115eb2ed2c1ca2?d=identicon)[abreksa4](/maintainers/abreksa4)

---

Top Contributors

[![abreksa4](https://avatars.githubusercontent.com/u/6120041?v=4)](https://github.com/abreksa4 "abreksa4 (18 commits)")[![adhocore](https://avatars.githubusercontent.com/u/2908547?v=4)](https://github.com/adhocore "adhocore (3 commits)")[![holdmann](https://avatars.githubusercontent.com/u/2150007?v=4)](https://github.com/holdmann "holdmann (2 commits)")

---

Tags

dont-use-this-no-reallyext-mysqlinsecuremysqlmysql-escape-stringphppolyfill

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/andrewbreksa-mysql-escape-string-polyfill/health.svg)

```
[![Health](https://phpackages.com/badges/andrewbreksa-mysql-escape-string-polyfill/health.svg)](https://phpackages.com/packages/andrewbreksa-mysql-escape-string-polyfill)
```

###  Alternatives

[jeroen/rewindable-generator

Provides a simple adapter to make generators rewindable

1655.4k2](/packages/jeroen-rewindable-generator)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)