PHPackages                             skydiablo/sql-query-builder - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Database &amp; ORM](/categories/database)
4. /
5. skydiablo/sql-query-builder

ActiveLibrary[Database &amp; ORM](/categories/database)

skydiablo/sql-query-builder
===========================

PHP library for building SQL queries with named parameters

053PHP

Since Jun 12Pushed 7mo agoCompare

[ Source](https://github.com/skydiablo/sql-query-builder)[ Packagist](https://packagist.org/packages/skydiablo/sql-query-builder)[ RSS](/packages/skydiablo-sql-query-builder/feed)WikiDiscussions main Synced today

READMEChangelogDependenciesVersions (1)Used By (0)

SkyDiablo SQL Query Builder
===========================

[](#skydiablo-sql-query-builder)

A PHP library for building SQL queries with named parameters that converts them to positional parameters for database drivers.

Features
--------

[](#features)

- Convert named parameters (`:varname`) to positional parameters (`?`)
- Handle duplicate parameter occurrences correctly
- Validate parameter completeness
- Extract parameter names from queries
- Type-safe and well-documented

Installation
------------

[](#installation)

Add this library to your project:

```
composer require skydiablo/sql-query-builder
```

Usage
-----

[](#usage)

### Basic Example

[](#basic-example)

```
use SkyDiablo\SqlQueryBuilder\QueryBuilder;

// Your query with named parameters
$query = "SELECT * FROM users WHERE name = :name AND age > :age";

// Your parameters as associative array
$parameters = [
    'name' => 'John Doe',
    'age' => 25
];

// Convert to positional parameters
$result = QueryBuilder::build($query, $parameters);

// Get the processed query and parameters
$processedQuery = $result->getQuery(); // "SELECT * FROM users WHERE name = ? AND age > ?"
$orderedParams = $result->getParameters(); // ['John Doe', 25]

// Use with your database driver
$stmt = $pdo->prepare($processedQuery);
$stmt->execute($orderedParams);
```

### Handling Duplicate Parameters

[](#handling-duplicate-parameters)

The library correctly handles duplicate parameter occurrences:

```
$query = "SELECT * FROM users WHERE (name = :name OR username = :name) AND age > :age";
$parameters = [
    'name' => 'John Doe',
    'age' => 25
];

$result = QueryBuilder::build($query, $parameters);
// Result: "SELECT * FROM users WHERE (name = ? OR username = ?) AND age > ?"
// Parameters: ['John Doe', 'John Doe', 25]
```

### Parameter Validation

[](#parameter-validation)

Check if all required parameters are provided:

```
$query = "SELECT * FROM users WHERE name = :name AND age > :age";
$parameters = ['name' => 'John Doe']; // Missing 'age'

// This will throw an exception
try {
    $result = QueryBuilder::build($query, $parameters);
} catch (\InvalidArgumentException $e) {
    echo $e->getMessage(); // "Missing parameter 'age' in parameters array"
}

// Or validate before building
if (QueryBuilder::validateParameters($query, $parameters)) {
    $result = QueryBuilder::build($query, $parameters);
} else {
    echo "Missing parameters!";
}
```

### Extract Parameter Names

[](#extract-parameter-names)

Get all parameter names used in a query:

```
$query = "SELECT * FROM users WHERE name = :name AND age > :age AND city = :city";
$paramNames = QueryBuilder::getParameterNames($query);
// Result: ['name', 'age', 'city']
```

### Complex Example

[](#complex-example)

```
$query = "
    SELECT u.*, p.title
    FROM users u
    LEFT JOIN profiles p ON u.id = p.user_id
    WHERE u.name LIKE :name
    AND u.age BETWEEN :min_age AND :max_age
    AND u.status = :status
    ORDER BY u.created_at DESC
    LIMIT :limit
";

$parameters = [
    'name' => '%John%',
    'min_age' => 18,
    'max_age' => 65,
    'status' => 'active',
    'limit' => 10
];

$result = QueryBuilder::build($query, $parameters);

// Use with PDO
$stmt = $pdo->prepare($result->getQuery());
$stmt->execute($result->getParameters());
$users = $stmt->fetchAll();
```

API Reference
-------------

[](#api-reference)

### QueryBuilder Class

[](#querybuilder-class)

#### `build(string $query, array $parameters = []): QueryResult`

[](#buildstring-query-array-parameters---queryresult)

Converts a query with named parameters to a query with positional parameters.

**Parameters:**

- `$query` (string): SQL query with named parameters (e.g., `:varname`)
- `$parameters` (array): Associative array of parameter values

**Returns:** `QueryResult` object

**Throws:** `\InvalidArgumentException` if a named parameter is missing

#### `validateParameters(string $query, array $parameters): bool`

[](#validateparametersstring-query-array-parameters-bool)

Validates that all named parameters in a query have corresponding values.

**Parameters:**

- `$query` (string): SQL query with named parameters
- `$parameters` (array): Associative array of parameter values

**Returns:** `bool` - True if all parameters are provided

#### `getParameterNames(string $query): array`

[](#getparameternamesstring-query-array)

Extracts all named parameter names from a query.

**Parameters:**

- `$query` (string): SQL query with named parameters

**Returns:** `array` - Array of parameter names

### QueryResult Class

[](#queryresult-class)

#### `getQuery(): string`

[](#getquery-string)

Returns the processed SQL query with positional parameters.

#### `getParameters(): array`

[](#getparameters-array)

Returns the ordered array of parameter values.

#### `getParameterCount(): int`

[](#getparametercount-int)

Returns the number of parameters.

#### `hasParameters(): bool`

[](#hasparameters-bool)

Returns true if the query has any parameters.

Security
--------

[](#security)

This library helps prevent SQL injection by:

1. Converting named parameters to positional parameters
2. Ensuring parameter values are properly separated from the SQL query
3. Maintaining the correct order of parameters

Always use prepared statements with your database driver for maximum security.

Requirements
------------

[](#requirements)

- PHP 8.0 or higher

License
-------

[](#license)

MIT

###  Health Score

19

—

LowBetter than 9% of packages

Maintenance44

Moderate activity, may be stable

Popularity10

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity13

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/956423?v=4)[Volker](/maintainers/skydiablo)[@skydiablo](https://github.com/skydiablo)

---

Top Contributors

[![skydiablo](https://avatars.githubusercontent.com/u/956423?v=4)](https://github.com/skydiablo "skydiablo (2 commits)")

### Embed Badge

![Health badge](/badges/skydiablo-sql-query-builder/health.svg)

```
[![Health](https://phpackages.com/badges/skydiablo-sql-query-builder/health.svg)](https://phpackages.com/packages/skydiablo-sql-query-builder)
```

###  Alternatives

[jdorn/sql-formatter

a PHP SQL highlighting library

3.9k117.2M118](/packages/jdorn-sql-formatter)[propel/propel1

Propel is an open-source Object-Relational Mapping (ORM) for PHP5.

8351.6M87](/packages/propel-propel1)[jfelder/oracledb

Oracle DB driver for Laravel

11518.4k](/packages/jfelder-oracledb)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
