https://github.com/stringtherapy/frame
Limited to basic INSERT queries for now
At first glance, as there are not tests, this looks so horribly limited.
It appears to only be able to handle very basic INSERT queries that contain absolutely no functions or other special values (eg. NOW()).
It breaks with ON DUPLICATE KEY.
It also completely breaks if a value contains a comma (,).
My test: https://3v4l.org/puKfE
You should definitely provide big warnings and unit tests to clearly show the severely limited capabilities of this function.
As a (far better) alternative way of doing things, you might want to look at existing query builder libraries such as Aura.SqlQuery
Yes. It’s limited to basic INSERT queries. I just wanna share the idea. If this is possible. Isn’t it possible to implement other functions as well? Basically I don’t have time (not a php dev), so I’m opens sourcing if anyone like the idea and wanna improve.
Why? PDO and mysqli both have prepare functions and are easy to use. Your code is extremely limited to simple SQL queries.if ($stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) {/* bind parameters for markers */$stmt->bind_param("s", $city);/* execute query */$stmt->execute();
Yes. I spent some 1 hour to work and test on it with basic insert query. I don’t have time to implement with others. I hope by open sourcing others might contribute.
Im a beginner and thought the classic single query for insertion is more intuitive than 4 lines of code in prepared statements. So I wanted it to be simple as well as safe from sql injections. I have only used procedural php btw.
The assumption is that this would be used with legacy code in an effort to reduce the cost of moving to prepared statements. Unfortunately, the implementation is somewhat limited.