How to validate a sql_query before performing the query? MySQL and PHP

A possible alternative would be to use a database abstraction layer, but better something that already exists, doing it by hand is a project in itself.

Initially it may be difficult to start, but in the end it will make your programming more agile and you can forget about the ad hoc queries for common tasks, while you will have a lot of additional tools.

ORM

Object-Relational mapping, or what is the same, object-relational mapping, is a programming model that consists of the transformation of tables in a database, in a series of entities that simplify basic tasks of access to the data for the programmer.

In order to effectively access the database from an object-oriented context, an interface is needed that translates the logic of the objects into the relational logic, this interface is called ORM (object-relational mapping) or "mapping from objects to databases ", and consists of objects that allow access to the data and that contain in themselves the necessary code to do so.

The main advantage of the abstraction layer is portability, because it makes it possible to change the application to another database, even in the middle of the development of a project. If a prototype of an application must be developed quickly and the client has not yet decided on the database that best suits their needs, the application can be built using SQLite and when the client has made the decision, easily switch to MySQL, PostgreSQL or Oracle. It is only necessary to change a line in a configuration file and everything works correctly.

Source: link

You can look for some information about the best known, for example:

Eloquent and Doctrine ( link )

Here is the topic: Best PHP DAL (data abstraction layer) so far