Hi, method definition is private and will return only the new parsed sql-query as "string". The feature is now also working with bindParamsFromArray() and bindParams(), tested added.

Hi @voku and @clue, can I ask why this is stagnant?

If you don't mind, I have some thoughts on the suggested implementation.

It doesn't allow multiple uses of a token.

$query = new Query('select * from test where name = :id or id = :id');
$sql = $query->bindParamsFromArray([':id' => 2])->getSql();
$this->assertEquals("select * from test where name = 2 or id = 2", $sql);

This will only replace the first token, not the subsequent ones.

-'select * from test where name = 2 or id = 2'
+'select * from test where name = 2 or id = :id'

It is not string aware.

$query = new Query('select * from test where name = ? or id = :id');
$sql = $query->bindParamsFromArray(["I'm a code sample like self::identify()", ':id' => 2])->getSql();
$this->assertEquals("select * from test where name = 'I'm a code sample self::identify()' or id = 2", $sql);

-'select * from test where name = 'I'm a code sample self::identify()' or id = 2'
+'select * from test where name = 'I\'m a code sample like self:2entify()' or id = :id'

That said, I would like to see this implemented, and could help out.

One thought is to use a SQL lexer like https://packagist.org/packages/phpmyadmin/sql-parser#4.3.2 to tokenize the SQL to make it easier to replace on only the token parts and/or validate the SQL.