PHPackages uchiko/sql-maker - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Database & ORM](/categories/database) 4. / 5. uchiko/sql-maker ActiveLibrary[Database & ORM](/categories/database) uchiko/sql-maker ================ SQL Builder 0.02(11y ago)3481MITPHP Since Jul 5Pushed 11y ago1 watchersCompare [ Source](https://github.com/memememomo/composer-sql-maker)[ Packagist](https://packagist.org/packages/uchiko/sql-maker)[ Docs](https://github.com/memememomo/composer-sql-maker)[ RSS](/packages/uchiko-sql-maker/feed)WikiDiscussions master Synced 1w ago READMEChangelogDependencies (4)Versions (4)Used By (0) Abstract ======== [](#abstract) sql-maker - SQL builder written in PHP. SQL::Maker - SQL builder written in perl. REQUIREMENTS ============ [](#requirements) - PHP 5.3 or later The JSON SQL Injection Vulnerability ==================================== [](#the-json-sql-injection-vulnerability) SQL\_Maker has a JSON SQL Injection Vulnerability if not used in `strict` mode. Therefore, I strongly recommend to use SQL\_Maker in `strict` mode. You can turn on the `strict` mode by passing `'strict' => 1` as: ``` new SQL_Maker(array(..., 'strict' => 1)) new SQL_Maker_Select(array(..., 'strict' => 1)) ``` In strict mode, array or hash conditions are not accepted anymore. A sample usage snippet is shown in below: ``` $builder = new uchiko\SQL\Maker(array('driver' => 'mysql', 'strict' => 1)); $builder->select('user', array('*'), array('name' => $json['name'])); // => SELECT * FROM `user` WHERE `name` = ? $builder->select('user', array('*'), array('name' => array('foo', 'bar'))); // => Exception! Will not generate SELECT * FROM `name` IN (?, ?) any more $builder->select('user', array('*'), array('name' => sql_in(array('foo', 'bar')))); // => SELECT * FROM `user` WHERE `name` IN (?, ?) $builder->select('fruit', array('*'), array('price' => sql_le($json['max_price']))); // => SELECT * FROM `fruit` WHERE `price` 'SQLite')); ``` select() -------- [](#select) ``` $table = 'pokedex'; $fields = array('id', 'name'); $where = array(); $where['area'] = 'houen'; $where['type'] = array( 'like' => '%electric%' ); $opt = array(); $opt['order_by'] = array('id'); list($sql, $binds) = $builder->select($table, $fields, $where, $opt); /* * $sql => "SELECT id, name * FROM pokedex * WHERE (area = ?) AND (type LIKE ?) * ORDER BY id" * $binds => ("houen", "%electric%") */ ``` WHERE ----- [](#where) ``` $table = 'pokedex'; $fields = array('*'); $where = array( 'name' => 'Pikachu', 'legendry' => null, 'area' => array('ish', 'joto'), 'base_hp' => array('