
Using PDO

3 replies to this topic

#1
dmanjrod

Ever since I started working with databases, I've been using the mysql_ methods. Someone recently told me that PDO is a better way to do it. How is it better than using the mysql_ functions, and do you guys have any good guides that will help me get started using it?

#2
Alexander

I actually wrote an article on this site roughly a year ago explaining the key positive features of using an abstracted database handler (and PHP 5's OO in general for database work). Here is part of my introduction, on the issues with the mysql_* functions:

Quote

Let's talk about the situation where you used mysql_ functions. The mysql_ function set was introduced in early PHP 4.0, which dates to around July of 2000; the feature set was increased and some basic security precautions were placed into effect, but the function set never changed much more after that. It is fairly archaic.

mysql_real_escape_string() was introduced to aid in preventing SQL injection, even by checking character sets, but it is rarely implemented in a proper manner, and with dynamic queries (a query made out of a string) there are just too many places where malformed data can make a query malicious.

The mysqli_* improved function set is an implementation with basic prepared statements but only available to MySQL and certain versions of PHP, leaving others out of the jump. This is where PDO fits nicely, filling in the gap: PDO allows a uniform set of functions to handle data to the database connection, with prepared statements casting immunity to many of the problems the old functions had.

You can read more about it, along with a kind amount of examples and uses here:

http://forum.codecal...bstraction.html

Certainly feel free to ask if you have any questions!
Be sure to read the updated FAQ! || Health is achieved through the same 10,000 steps.
If a suggested code/method fails, informing us is less important than telling us why or what errors occurred.

#3
dmanjrod

That's an amazing guide. Exactly what I was looking for. Thank you very much.

#4
Alexander

You are certainly welcome. I have in fact written the article as a means of providing more complete documentation for people wishing to move from standard functions that can be counterproductive or error-prone. Not too many people who come on here use PDO.

When I have time I will improve the article; I've been meaning to add more to it.