What is PDO?
PDO stands for PHP Data Objects (PHP Extension) is a lightweight, consistence interface used to access database. Example it can be used in place with MySQLi (MySQL improved)
-Lean and consistence way to access the database
-Works with multiple databases
-Data access layer
PDO vs MySQLi
- PDO and MySQLi are equivalent in terms of security
- Both support prepared statements
- No risk of SQL injection.
- Unlike MySQLi, PDO supports named parameters
- This makes working with database field easier
- Unlike MySQLi, PDO supports many different vendors
- Secure, flexible, easy
- Best Choice for all new projects and updates.
- PDO Object-oriented programming API, WHILE MySQLi both object-oriented and procedural.
Some benefits of PDO
- Multiple Databases, it does not support syntax that just specific to a certain database, in some cases you switches the connection string to change the database you are working with i.e. change MySQL to PostgreSQL
- Security / Prepared Statements. It is one biggest benefit of PDO, it uses prepare statements which can help to prevent you are database from SQL injections. SQL injections in simple term is if someone tries to insert SQL statements and instruction through some user input like a form in your website that can destroy your database. Prepared Statement is a pre compiled SQL statement that separate the instruction of the SQL statement from the data
- Usability. It has function that can perform routine operations for fetching data and exceptions
- Reusability. It has unify API to access multiple databases
- Excellent Error handling options i.e. silence, warning and exception.
Main PDO classes
- PDO, Represents a connection between PHP and DB (Database), this is where we plug in the DSN.
- PDOStatement, Represents a prepared statement and after executed an associated result.
- PDOException, Represent errors raised by PDO.
Databases that can be used with PDO
Here are the some databases that can be used with PDO.
- MS SQL Server