What is PHP Data Objects (PDO)
PDO Class (PHP 5 >= 5.1.0, PHP 7, PHP 8, PECL pdo >= 0.1.0)
Welcome Coders! This is my first article on hashnode, I this will help you in your journey of coding. Happy Coding!!!!
PHP is an open-source general-purpose scripting language, which is widely used for creating dynamic and interactive web applications. PHP can access a large range of relational database management systems such as SQL, MYSQL, SQLite, and PostgreSQL. The PHP 5.1 version offered a new database connection abstraction library, which is PHP Data Objects (PDO).
PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data. PDO does not provide a database abstraction; it doesn't rewrite SQL or emulate missing features. You should use a full-blown abstraction layer if you need that facility
Advantage of PDO
DATABASE SUPPORT
The PDO extension can access any database which is written for PDO driver. There are several PDO drivers available which are used for FreeTDS, Microsoft SQL Server, Sybase, IBM DB2, Oracle Call Interface, Firebird/Interbase 6, and PostgreSQL databases, among many more.
The drivers are not available in every system automatically, so we have to find our available drivers and add ones when we need them.
DATABASE CONNECTING
There are different syntaxes available to establish the database connection. These syntaxes depend on specific databases. While using PDO, operations must be wrapped in try/catch blocks and utilize the exception technique.
Usually, only a single connection needs to create, and these connections are closed by programming the database to set as a null.
ERROR HANDLING
PDO permits to use of exceptions for error handling. To produce an exception, PDO can be forced into a relevant error mode attribute.
There are three error modes, i.e., Silent (default), Warning, and Exception. Warning and Exception are more useful in DRY programming.
Silent - It is a default error mode.
Warning - It is useful for debugging.
Exception - This mode allows graceful error handling while hiding data that a person might use to exploit your system.
INSERT AND UPDATE
PDO reduces the commonly used insert and update database operation into a two-step process, i.e.
Prepare >> [Bind] >> Execute.
Through this method, we can take full advantage of PDO's prepared statements, which protect against malicious attacks through SQL injection.
Prepared statements are pre-compiled SQL statements that can be executed multiple times by sending this data to the server. This data, which is used within the placeholder, is automatically protected from the SQL injection attack.
Benefits of using PDO
Usability - It contains many helpers functions to operate automatic routine operations.
Reusability - It offers a unified API to access multiple databases.
Security - It uses a prepared statement which protects from SQL injection. A prepared statement is a pre-compiled SQL statement that separates the instruction of the SQL statement from the data
PDO Classes
PDO - It represents a connection between PHP and the database.
PDOStatement - It represents the prepared statement and after the execution of the statement, sets an associated result.
PDOException - It represents errors raised by PDO.
Which should be preferred PDO or MySQLi?
MySQL can work only with MySQL databases. So, if we want to switch our project to another database, PDO makes it easy. In MySQLi, we have to rewrite the entire code.
PDO and MySQLi both are Object-Oriented, but MySQLi also offers procedural API. Both support Prepared Statements. Prepared Statements are important for web application security, as it protects from SQL injection.
Now Let's See How to connect with the database server (PDO)
<?php
$dbHost="LOCALHOST";
$dbName="DATABASE_NAME";
$dbUser="root"; //by default root is user name.
$dbPassword=""; //password is blank by default
try{
$dbConn= new PDO("mysql:host=$dbHost;dbname=$dbName",$dbUser,$dbPassword);
echo "DB is Connected Successfully";
} catch(Exception $e){
Echo "Connection failed" . $e->getMessage();
}
?>