I wrote a wrapper class based on pg_ functions. Added some logging and
exception throwing capabilities etc.
I'm planning to use only prepared statements and pg_query_params
function when using user submitted data in queries to avoid
sql-injection. I believe it is enough but gonna do some tests.
This is the best way i think.
Thanks to everyone.