>"Keep in mind this is PHP."
replyHas nothing to do with PHP. SQL injection mishaps is a developer problem, not a language problem. It happens everywhere.
And tons of such frameworks have been written in PHP; prepared statements with an adapter-agnostic database connection layer are first-class citizens in PHP.
reply