webdevuser Posted January 15, 2013 Share Posted January 15, 2013 (edited) Hello guys, It is my first thread here, I did not intend to make one, but I saw a lot of you are using mysql_connect() mysql_query() please, don't! PDO : PHP Data Objects If you read this article : http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/ you will probably understand why you should be using PDO, and if you still don't, please ask, I will do my best to convert you to use better programming practices Edited January 15, 2013 by Danny.Domb Quote Link to comment Share on other sites More sharing options...
Victor Leigh Posted January 15, 2013 Share Posted January 15, 2013 If I don't use it, I am a fool?!!! Isn't that a bit harsh? Since you have brought it up, what exactly happens if I don't use it? Will my coding fall apart if I don't use it? Quote Link to comment Share on other sites More sharing options...
webdevuser Posted January 15, 2013 Author Share Posted January 15, 2013 If I don't use it, I am a fool?!!! Isn't that a bit harsh? Since you have brought it up, what exactly happens if I don't use it? Will my coding fall apart if I don't use it? Yeah, maybe it is a bit harsh, but it is catchy as hell for a title Basically, in the long terms, yes it will. Don't take me wrong, it won't fall in a month, but let says, if php were to release the final version of PHP 5.5 tomorrow and your host updated their servers that pretty means, that every time a user would load page, for every request made your would have a warning in your logs. Also, depending on your how many requests are made, you can check Google it if you don't believe me, but it will relieve the stress made to your server up to 30%... which in the long terms means a lot of resources saved. Every prepared request made through PDO is almost a 100% perfectly safe (Nothing, and I mean nothing is ever 100% safe). So, yeah... why are you not using it, PDO is better than mysql_* functions in every way... Quote Link to comment Share on other sites More sharing options...
Victor Leigh Posted January 15, 2013 Share Posted January 15, 2013 Hmmm, now that you have explained it, it sounds like something worth exploring. Now, I have a very limited knowledge of php. So please bear with me while I try to get my head round this PDO thing. Does it work like a routing kind of thing? Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted January 15, 2013 Share Posted January 15, 2013 Hmm i'll have to look into this. Thanks. Also, I read your topic title as "POO" lol. Quote Link to comment Share on other sites More sharing options...
webdevuser Posted January 15, 2013 Author Share Posted January 15, 2013 Hmmm, now that you have explained it, it sounds like something worth exploring. Now, I have a very limited knowledge of php. So please bear with me while I try to get my head round this PDO thing. Does it work like a routing kind of thing? Yeah it does work LIKE a routine, but it is not. Everytime you send a request to your database, it is analysed, so imagine the following code : for ($i = 0; $i < 1000; $i++) { mysql_query('INSERT INTO table (value) VALUES ('.mysql_real_escape_string($i).');'); } you just done a thousand queries... which is slow for 2 main reason, First of all, mysql will analyze your query everytime to understand what it has to do (INSERT DATA, Which table, which columns); and mysql_real_escape_string will use non optimized functions to make sure the data inserted by the user is "safe". VS the following $sth = $dbh->prepare('INSERT INTO table (value) VALUES (:value)'); for ($i = 0; $i < 1000; $i++) { $sth->bindValue(':value', $i); $sth->execute(); } Where pdo will prepare your request to mysql so, instead of being analyze 1000X it is only analyze once. Then, bindValue will always make sure the data inserted is 100% safe of SQL injections. Also, PDO allows to begin transaction and rollback or commit the modification if their was an error. Allowing you more control on what data is sent to your database. Quote Link to comment Share on other sites More sharing options...
Administrators Nathan Posted August 29, 2013 Administrators Share Posted August 29, 2013 So is PDO better than mysqli? I'm trying to decide which to use. I keep thinking mysqli is the way to go. Could I get some pros/cons? Quote Link to comment Share on other sites More sharing options...
ridwan sameer Posted September 4, 2013 Share Posted September 4, 2013 Generally I thought MYSQL Handled all data requests, Never knew it could be done with PHP... Relieving server pressure by upto 30% Is quite a huge figure though Quote Link to comment Share on other sites More sharing options...
simplysidy Posted January 15, 2014 Share Posted January 15, 2014 The best thing about using PDO is - Lesser Code and lesser worry. With the traditional mysql set of instructions which are now presumed to be faded away, we did have to take care of all kind of possible SQL injections (and this was really hectic in case you did not have a correctly coded and prepared library). With PDO, things have become much easier. Again, with PDO, changing of the Database to MySQL or Oracle Or even MSSQL (practially any other) means, change of just a single or two lines of code. Quote Link to comment Share on other sites More sharing options...
Administrators Nathan Posted January 17, 2014 Administrators Share Posted January 17, 2014 The best thing about using PDO is - Lesser Code and lesser worry. With the traditional mysql set of instructions which are now presumed to be faded away, we did have to take care of all kind of possible SQL injections (and this was really hectic in case you did not have a correctly coded and prepared library). With PDO, things have become much easier. Again, with PDO, changing of the Database to MySQL or Oracle Or even MSSQL (practially any other) means, change of just a single or two lines of code. That's interesting didn't know this. So still wondering is there any pros/cons between mysqli and pdo? Quote Link to comment Share on other sites More sharing options...
simplysidy Posted January 23, 2014 Share Posted January 23, 2014 That's interesting didn't know this. So still wondering is there any pros/cons between mysqli and pdo? Well, I think this link from NetTuts should clarify better - http://net.tutsplus.com/tutorials/php/pdo-vs-mysqli-which-should-you-use/ One simpler reason is the fact that mySQLi works only with MySQL Database (though I have never used this MySQLi, but the page above says so) however, the PDO supports many Databases (12 as per the page above). Now this makes things easier, when in future, the website or the owners need to change the database. In PDO only a few (3 or 4) lines might be requied to be changed, all other code remains same; unlikely with MySQLi or even MySQL. Quote Link to comment Share on other sites More sharing options...
Bravosi Posted November 30, 2018 Share Posted November 30, 2018 I could say you have a point, but I don't believe it's all that necessary. There are just a lot of options out there on what to do/dont. I like both to be honest, but PDO is something I learnt about prior to mysqli, so I'll have to go with it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.