PDO, short for PHP Data Objects, is an object-oriented library that can be used to interact with SQL databases.  It carries many advantages over the more often used MySQL functions.

Why not to use mysql_ commands

The majority of MySQL tutorials on the web today teach you to connect to your database using the mysql_connect family of functions.   These functions were only meant for versions of MySQL prior to 4.1, which was released in 2004, meaning they have been obsolete for at least 6 years.   This is one of the many reasons why you should be using another library, such as PDO, to connect to your database.  MySQL_ commands also aren’t object-oriented, meaning you’ll have a hard time it you’re developing using newer PHP tools, and compared to PDO, the mysql_ library is slow and process-intensive.

Connecting to a database using PDO

Coding with PDO is a little different, since it uses Objects.   Here is an example showing how to connect to your MySQL database using PDO.

Source code

/* Here we include all the information needed to connect to a database. You'll have to
 
change this to match your database information, except for the number; 3306 is the default MySQL port. */
 
$host = 'localhost';
$port = 3306;
$database = 'Database';
$username = 'Username';
$password = 'Password';
 
/* Here we construct the DSN (Data Source Name). It's a string that specified our server information. */
$dsn = "mysql:host=$host;port=$port;dbname=$database";
 
// Here we create the database object.
$db = new PDO($dsn, $username, $password);

Creating a query

In this example we will be retrieving the last time a user logged in.  Then we’ll explain each step of the query in detail.

Source code

$statement = $db->prepare("SELECT last_login FROM user_info WHERE username = ? AND password = ?");
 
$statement->execute(array($_POST['username'], $_POST['password']));
 
$result = $statement->fetchObject();
 
echo $result->last_login;

Let’s walk through the code.  The first step starts with “$statement =”, which means the rest of that line will be stored in a variable called $statement.

Source code

$statement = $db->prepare("SELECT last_login FROM user_info WHERE username = ? AND password = ?");

Remember first connecting to the database?  We created an object for the database called $db. An object has variables, functions, and more inside of it.  The arrow beside $db is a way to go inside the object and use something.  With “$db->prepare”, we’re going inside $db, our database, and telling it to use the “prepare” function to prepare a query. With PDO, you always have to prepare a statement before using it.

Source code

$statement->execute(array($_POST['username'], $_POST['password']));

This time, we’re using an arrow again to go inside our $statement variable, where our database query is prepared, and using the “execute” function to run the query.  Our two variables, username and password, fill in the question marks in the query.  As you can see, we didn’t have to add anything similar to “mysql_real_escape_string” or “addslashes”; because we use PDO to prepare our query and fill in the variables, our query is immune to SQL injection.

Source code

$result = $statement->fetchObject();
echo $result->last_login;

“fetchObject” is a function used to get the next result in a set of MySQL results.  Here, however, we’re only expecting one result, so there’s no need to use a loop to get through all of them.

We’re setting the variable $result equal to the value that our “fetchObject” function gives us.  Then, we’re just printing the “last_login” row from that result.

We’re finished!

PDO is capable of much more than what was shown here.  This was just a short introduction hoping to convince you and get you started with PDO rather than use outdated code.  I hope you enjoyed this tutorial.

Get on time success by using our 642-971 certification material, 70-579 dumps and jk0-702 practice test. Our 70-431 dumps and 70-503 exam product are also very easy to understand and pass.