What is PHP Data Objects (PDO)

Coding GurukulCoding Gurukul
3 min read

Welcome Coders! This is my first article on hashnode, I this will help you in your journey of coding. Happy Coding!!!!

PHP is an open-source general-purpose scripting language, which is widely used for creating dynamic and interactive web applications. PHP can access a large range of relational database management systems such as SQL, MYSQL, SQLite, and PostgreSQL. The PHP 5.1 version offered a new database connection abstraction library, which is PHP Data Objects (PDO).

PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data. PDO does not provide a database abstraction; it doesn't rewrite SQL or emulate missing features. You should use a full-blown abstraction layer if you need that facility

Advantage of PDO

DATABASE SUPPORT

The PDO extension can access any database which is written for PDO driver. There are several PDO drivers available which are used for FreeTDS, Microsoft SQL Server, Sybase, IBM DB2, Oracle Call Interface, Firebird/Interbase 6, and PostgreSQL databases, among many more.

The drivers are not available in every system automatically, so we have to find our available drivers and add ones when we need them.

DATABASE CONNECTING

There are different syntaxes available to establish the database connection. These syntaxes depend on specific databases. While using PDO, operations must be wrapped in try/catch blocks and utilize the exception technique.
Usually, only a single connection needs to create, and these connections are closed by programming the database to set as a null.

ERROR HANDLING

PDO permits to use of exceptions for error handling. To produce an exception, PDO can be forced into a relevant error mode attribute.
There are three error modes, i.e., Silent (default), Warning, and Exception. Warning and Exception are more useful in DRY programming.

  1. Silent - It is a default error mode.

  2. Warning - It is useful for debugging.

  3. Exception - This mode allows graceful error handling while hiding data that a person might use to exploit your system.

INSERT AND UPDATE

PDO reduces the commonly used insert and update database operation into a two-step process, i.e.
Prepare >> [Bind] >> Execute.

Through this method, we can take full advantage of PDO's prepared statements, which protect against malicious attacks through SQL injection.
Prepared statements are pre-compiled SQL statements that can be executed multiple times by sending this data to the server. This data, which is used within the placeholder, is automatically protected from the SQL injection attack.

Benefits of using PDO

  • Usability - It contains many helpers functions to operate automatic routine operations.

  • Reusability - It offers a unified API to access multiple databases.

  • Security - It uses a prepared statement which protects from SQL injection. A prepared statement is a pre-compiled SQL statement that separates the instruction of the SQL statement from the data

PDO Classes

  • PDO - It represents a connection between PHP and the database.

  • PDOStatement - It represents the prepared statement and after the execution of the statement, sets an associated result.

  • PDOException - It represents errors raised by PDO.

Which should be preferred PDO or MySQLi?

  • MySQL can work only with MySQL databases. So, if we want to switch our project to another database, PDO makes it easy. In MySQLi, we have to rewrite the entire code.

  • PDO and MySQLi both are Object-Oriented, but MySQLi also offers procedural API. Both support Prepared Statements. Prepared Statements are important for web application security, as it protects from SQL injection.

Now Let's See How to connect with the database server (PDO)

<?php  
    $dbHost="LOCALHOST";  
    $dbName="DATABASE_NAME";  
    $dbUser="root";      //by default root is user name.  
    $dbPassword="";     //password is blank by default  
    try{  
        $dbConn= new PDO("mysql:host=$dbHost;dbname=$dbName",$dbUser,$dbPassword);  
        echo "DB is Connected Successfully";  
    } catch(Exception $e){  
    Echo "Connection failed" . $e->getMessage();  
    }  
?>
1
Subscribe to my newsletter

Read articles from Coding Gurukul directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Coding Gurukul
Coding Gurukul

I'm a Full Stack developer, who loves to develop Web and Mobile Applications and also create content that could be helpful to others. I've worked on around 30+ web & mobile apps. I have loved to code since my college days.