PhpStorm 2017.3 Help

User Parameters

File | Settings | Tools | Database | User Parameters for Windows and Linux
PhpStorm | Preferences | Tools | Database | User Parameters for macOS


Generally, only the question mark (?) is treated as a parameter in SQL statements. On this page, you can specify which other characters and their sequences should be treated as parameters, and in which places.

The patterns for SQL parameters are specified by means of regular expressions.

Item Description
Enable in console and SQL files If the checkbox is selected, the parameter patterns are applied to SQL (in SQL files and database consoles). The usage scope, if necessary, may be limited at the level of individual patterns.

If this checkbox is not selected, the patterns are not used in SOL files and consoles irrespective of which usage scope is specified for individual patterns.

Enable in string literals with SQL injection If the checkbox is selected, the parameter patterns are applied to string literals injected with SQL. The usage scope, if necessary, may be limited at the level of individual patterns.

If this checkbox is not selected, the patterns are not used in string literals irrespective of which usage scope is specified for individual patterns.

Parameter patterns The table shows the parameter patterns and their usage scopes.

The patterns are specified using regular expressions. Values in parentheses are treated as parameter names. The patterns available initially have the following meanings:

  • \?(\d+) - a question mark followed by one or more digits, e.g. ?69 in which case 69 would be the parameter name.
  • :(\w+) - a colon followed by one or more word characters, e.g. :x, :value, :parameter_1.
  • %w+ - % followed by one or more word characters, e.g. %xyz.

    To have PhpStorm recognize sprintf format references in injected SQL strings:

    1. Click the %w+ pattern. PhpStorm expands a hidden area with the configuration settings for the pattern.
    2. Select the In scripts and In literals checkboxes.
    3. Click the <Language> link and select PHP in the drop-down list.

  • \$\{([^$\{\}]*)\} - $, then {, then any character except $, { or } zero or more times, then }, e.g. ${}, ${value}.
  • \$\(([^\)]+)\) - $, then (, then any character except ) one or more times, then ), e.g. $(x).
  • \$(\w+)\$ - $, then one or more word characters, then $ again, e.g. $x1$.
  • \#(\w+)\# - #, then one or more word characters, then # again, e.g. #field_3#.

Use new (Alt+Insert), delete (Alt+Delete), arrowUp (Alt+Up) and arrowDown (Alt+Down) to add, delete and reorder the patterns.

To edit a pattern or its usage scope, click the pattern and use the following controls:

  • In scripts. Clear this checkbox if the pattern shouldn't be used in SQL files and database consoles.
  • In literals. Clear this checkbox if the pattern shouldn't be used in string literals injected with SQL.
  • All (the link text may be different). Click the link and deselect the languages in which the pattern shouldn't be used.
Last modified: 29 March 2018