Static analysis of database access code is a real thing since phpstan-dba. Just stick to the rules and you will be covered:

use PDO;

class Foo
{
    public function unknownTable(PDO $conn)
    {
        $pdo->query('SELECT * FROM unknownTable', PDO::FETCH_ASSOC);
    }
}

phpstan-dba will report

Query error: Table ‘phpstan_dba.unknownTable’ doesn’t exist (1146).

There are a lot more scenarios in which you get a proper error:

use Doctrine\DBAL\Connection;

class Foo
{
    public function syntaxErrors(Connection $conn)
    {
        $query = 'SELECT email adaid WHERE gesperrt freigabe1u1 FROM ada';
        $row = $conn->fetchOne($query, []); 
    }
    
    public function unknownColumn(\mysqli $conn)
    {
        $query = 'SELECT doesNotExist, adaid, gesperrt, freigabe1u1 FROM ada';
        return mysqli_query($conn, $query); 
    }
}

phpstan-dba will report a few problems with this code:

Query error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL/MariaDB server version for the right syntax to use near ‘freigabe1u1 FROM ada LIMIT 0’ at line 1 (1064).

Query error: Unknown column ‘doesNotExist’ in ‘field list’ (1054).

Getting this kind of errors at static analysis time is a real time saver and helps you to spot errors in SQL queries early, without time consuming trial and error loops.

Since you are covered by the tooling, you can work with confidence on your database access code and sql queries. Additionally you can make sure that changes in your database schema will not break existing queries throughout the codebase.

Read more

Please find more articles related to phpstan-dba and its featureset.

Found a bug? Please help improve this article.


<
Previous Post
Placeholder validation in sql queries
>
Next Post
Phpstan Non Falsy String