Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

MySQL versus PDO [duplicate]

Tags:

mysql

pdo

I'm fairly new to PHP and have built a medium sized website using standard MySQL database calls. However, I have recently learned about PDO and I am hoping to find out from the community if it is worth switching from MySQL over to PDO. For security I have been using mysql_real_escape_string.

Info about the site:
I'm using a mix of INSERT and SELECT calls. The data returned from SELECT calls isn't massive (no more than 30 records returned by using LIMIT). There will also not be a whole lot of INSERTs. The site is currently not live and so making changes now is easy.

In your professional opinions, is it worth my time to switch the site over to PDO from MySQL? Or is staying with MySQL just as good? Or in other words, what would be the reason, if any, to switch to PDO now?

like image 646
justinl Avatar asked May 15 '09 03:05

justinl


People also ask

Is PDO faster than MySQLi?

PDO also supports client side queries. This means that when it prepares a query, it does not have to communicate with the server. Since MySQLi uses native prepared statements, it will may actually be faster to use mysqli_real_escape_string instead of using prepared statements, while it is still a secure solution.

What is the difference between using MySQL functions and PDO?

MySQLi is a replacement for the mysql functions, with object-oriented and procedural versions. It has support for prepared statements. PDO (PHP Data Objects) is a general database abstraction layer with support for MySQL among many other databases.

Is PDO slower than MySQLi?

3. Here you can see that PDO is only 1% faster than mysqli.

What is the advantage of PDO over Mysqlli?

Both MySQLi and PDO have their advantages: PDO will work on 12 different database systems, whereas MySQLi will only work with MySQL databases. So, if you have to switch your project to use another database, PDO makes the process easy. You only have to change the connection string and a few queries.


2 Answers

PDO has the following advantages over the mysql_* functions:

  • It's cross database, meaning it's the same interface for different relational databases.
  • It helps protect against SQL injections.
  • It's much cleaner (uses an object-oriented approach).

This question has been asked before, you may want to take a look at the answers:

  • Moving from mysql to mysqli or pdo?
  • mysqli or PDO - what are the pros and cons?

If you are starting a new project, I would strictly suggest using PDO or a higher-level library/ORM. If you already have a lot of code written without it, it may not be worth it.

like image 163
Sasha Chedygov Avatar answered Oct 14 '22 20:10

Sasha Chedygov


PDO has the advantages listed over at the pages linked to above: database abstraction (i.e. your code is made portable across a variety of flavours of DB), it handles a lot of the usual security issues for you if you use its prepared statement features and it returns results as Class instances (which by itself can greatly improve your code by encouraging an object oriented approach), etc., etc.

However the very best approach would be for you to look into an ORM library such as Doctrine. It may seem like overkill given the size of your project, but frankly it's never too early to start learning best practice. An excellent overview of how to build bullet-proof, maintainable database-driven apps given by the lead developer of the Zend Framework can be watched at http://mtadata.s3.amazonaws.com/webcasts/20090724-playdoh.wmv

like image 38
Oliver Turner Avatar answered Oct 14 '22 20:10

Oliver Turner