PHPackages neoparla/dbescaper - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Database & ORM](/categories/database) 4. / 5. neoparla/dbescaper ActiveLibrary[Database & ORM](/categories/database) neoparla/dbescaper ================== Database wrapper to escape properly, allowing meaningful queries with parametrized values 1.0.1(8y ago)011MITPHPPHP >=5.3 Since Dec 3Pushed 8y ago1 watchersCompare [ Source](https://github.com/neoparla/dbescaper)[ Packagist](https://packagist.org/packages/neoparla/dbescaper)[ RSS](/packages/neoparla-dbescaper/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (4)Dependencies (1)Versions (5)Used By (0) DbEscaper ========= [](#dbescaper) [![Build Status](https://camo.githubusercontent.com/87a73d6b2afa2337b6f935e80295b001216b6650732cc2e1f14a1f92e5aac29f/68747470733a2f2f7472617669732d63692e6f72672f6e656f7061726c612f6462657363617065722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/neoparla/dbescaper) Database wrapper to escape properly, allowing meaningful queries with parametrized values Getting started --------------- [](#getting-started) Install it through `composer` with ``` composer require neoparla/dbescaper ``` First step: connect ------------------- [](#first-step-connect) To create an instance just initialize it with connection data. ``` $db_escaper = DbEscaper::init( array( 'host' => 'host', 'user' => 'user', 'pass' => 'pass', 'schema' => 'schema', // 'port' => 3306 ) ); ``` By default it will connect through port 3306. Basic queries ------------- [](#basic-queries) To run a basic query, just `DbEscaper::query`. ``` $db_escaper->query('show tables'); ``` Statements ---------- [](#statements) To avouid unwanted queries to be executed (aka SQLInjection) use `DbEscaper::prepare()`. ``` $statement = $db_escaper->prepare($sql, $query_label); ``` You can bind following types of data. - **Double** *No transform* - **Integer** *No transform* - **String** - **Field** - **Tuple** ### Binding::String [](#bindingstring) It'll escape strings (such as quotes) and wrapp it with quotes ``` $value = "string with quotes (') and slashes (\)"; DbStatement->bindParam(':binding', $value, Binding::String); // Real query: 'string with quotes (\') and slashes (\\)' ``` ### Binding::Field [](#bindingfield) It'll ensure valid MySQL field name and wrap it with backtips ``` $value = "field_name"; DbStatement->bindParam(':binding', $value, Binding::Field); // Real query: `field_name` ``` ### Binding::Tuple [](#bindingtuple) It'll ensure all values are valid and will transform them if needed. ``` $value = new DbTuple(Binding::PARAM_STRING, array('string 1', 'string 2'), DbTuple::WITH_PARENTHESIS);; DbStatement->bindParam(':binding', $value, Binding::Tuple); // Real query: ( 'string 1', 'string 2' ) ``` #### DbTuple class [](#dbtuple-class) To bind tuples you must use `DbTuple` class. ### Binding::Double and Binding::Integer [](#bindingdouble-and-bindinginteger) These kind of bindings won't perform any transformation. It'll just check correct data type. ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community7 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~363 days Total 4 Last Release 3096d ago Major Versions 0.1.1 → 1.0.02015-04-11 ### Community Maintainers ![](https://www.gravatar.com/avatar/a82b1a881ad83731dc72c8b615a33f643c7ddbf21bb1eb222f8b0ef544333964?d=identicon)[htw](/maintainers/htw) --- Top Contributors [![neoparla](https://avatars.githubusercontent.com/u/6400215?v=4)](https://github.com/neoparla "neoparla (18 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/neoparla-dbescaper/health.svg) ``` [![Health](https://phpackages.com/badges/neoparla-dbescaper/health.svg)](https://phpackages.com/packages/neoparla-dbescaper) ``` ### Alternatives [doctrine/orm Object-Relational-Mapper for PHP 10.2k285.3M6.2k](/packages/doctrine-orm)[jdorn/sql-formatter a PHP SQL highlighting library 3.9k115.1M102](/packages/jdorn-sql-formatter)[illuminate/database The Illuminate Database package. 2.8k52.4M9.4k](/packages/illuminate-database)[ramsey/uuid-doctrine Use ramsey/uuid as a Doctrine field type. 90440.3M211](/packages/ramsey-uuid-doctrine)[reliese/laravel Reliese Components for Laravel Framework code generation. 1.7k3.4M16](/packages/reliese-laravel)[wildside/userstamps Laravel Userstamps provides an Eloquent trait which automatically maintains `created\_by` and `updated\_by` columns on your model, populated by the currently authenticated user in your application. 7511.7M13](/packages/wildside-userstamps) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)