Use Laminas DB Adapter with Sql and parameterized queries for safe database access.
Laminas Database Adapter
// config/autoload/database.local.php
return [
"db" => [
"driver" => "Pdo",
"dsn" => "mysql:dbname=myapp;host=localhost;charset=utf8mb4",
"username" => "root",
"password" => getenv("DB_PASSWORD"),
"driver_options" => [PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8mb4"],
],
];
// SQL Abstraction
use LaminasDbSqlSql;
use LaminasDbAdapterAdapter;
$adapter = $container->get(Adapter::class);
$sql = new Sql($adapter);
$select = $sql->select("posts")
->columns(["id", "title", "created_at"])
->join("users", "users.id = posts.user_id", ["author" => "name"])
->where(["is_draft" => false])
->order("created_at DESC")
->limit(10);
$stmt = $sql->prepareStatementForSqlObject($select);
$result = $stmt->execute();
foreach ($result as $row) {
echo $row["title"];
}