I just released *YD Shomer*, a runtime SQL validator that catches security issues during development and teaches developers secure coding practices.
## The Name
- *YD (י)* - Yod, the Hebrew letter symbolizing divine protection
- *Shomer (שומר)* - Guardian in Hebrew
- *The Guardian's Hand* - Protection through vigilance
## Quick Example
```php
use Shomer\QueryValidator;

define('SHOMER_ENABLED', true);

// This will trigger a warning
$report = QueryValidator::validate([
    'sql' => "DELETE FROM users", // Missing WHERE!
    'params' => []
], $verbose = true);

// Shomer provides:
// Error detected
// Exact location: file.php line 42
// Suggested fix: "DELETE FROM users WHERE id = ?"
// Email alert sent
```
## Key Features
*Security First:*
- Detects SQL injection vulnerabilities
- Validates prepared statements
- Checks parameter counts and types

*Developer Experience:*
- Auto-captures execution context (file, line, URL)
- Provides secure query suggestions
- Educational approach

*Production Ready:*
- Zero overhead when disabled
- Instant bypass
- No performance impact
## Perfect For
- Learning secure SQL practices
- Code reviews
- Onboarding junior developers
- Refactoring legacy code
- Development environments
## Installation
```bash
composer require yd-shomer/php-shomer
```
hm-iti26•2h ago