Well, my first thought is that if you are going to use prepared statements and bound parameters with PDO (which is a very good thing), then you should have no issues with sanitizing values for SQL use. Therefore, the only thing you would need your SanitizeText class is for issues not related to SQL/database stuff. If that's the case, then I would not inject that dependency into your Database class, as you want classes to stay narrowly focused on their specific purposes.
If we set all that aside and assume for now that you do have a reason for using that class within your Database class, probably the best way to make that dependency obvious is to inject it directly via the constructor. That way any client code "knows" it has to provide it.
Oh, and a database class can be a good opportunity to make use of inheritance.
class Database extends PDO
private $db_user = 'root';
private $db_password = 'password';
private $db_name = 'test';
private $db_host = 'localhost';
public function __construct(SanitizeText $sanitize)
$this->sanitize = $sanitize;
'mysql:host=' .$this->db_host.'; dbname='.$this->db_name,
public function doSomethingWith($text)
$text = $this->sanitize->someMethod($text);
echo "And the sanitized text is:".PHP_EOL.$text;
$db = new Database(new SanitizeText());