There is no difference in security. The main difference between PDO and Mysqli is that PDO supports various databases and mysqli supports only MySQL. MySQLi is also a bit faster. PDO supports 12 different drivers, opposed to MySQLi, which supports MySQL only.
Basically, MySQL is the old database driver, and MySQLi is the Improved driver. The "i" stands for "improved" so it is MySQL improved. MySQLi can be done procedural and object-oriented whereas MySQL can only be used procedurally. Mysqli also supports prepared statements which protect from SQL Injection.
Yes, it is possible.
The MySQL extension is very slightly faster than MySQLi in most benchmarks I've seen reported.
There are (more than) three popular ways to use MySQL from PHP. This outlines some features/differences PHP: Choosing an API:
I would recommend using PDO with prepared statements. It is a well-designed API and will let you more easily move to another database (including any that supports ODBC) if necessary.
Those are different APIs to access a MySQL backend
So it depends on what kind of code you want to produce. If you prefer object-oriented layers or plain functions...
My advice would be
Also my feeling, the mysql API would probably being deleted in future releases of PHP
.
mysqli is the enhanced version of mysql.
PDO extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions.
Specifically, the MySQLi extension provides the following extremely useful benefits over the old MySQL extension..
OOP Interface (in addition to procedural) Prepared Statement Support Transaction + Stored Procedure Support Nicer Syntax Speed Improvements Enhanced Debugging
PDO Extension
PHP Data Objects extension is a Database Abstraction Layer. Specifically, this is not a MySQL interface, as it provides drivers for many database engines (of course including MYSQL).
PDO aims to provide a consistent API that means when a database engine is changed, the code changes to reflect this should be minimal. When using PDO, your code will normally "just work" across many database engines, simply by changing the driver you're using.
In addition to being cross-database compatible, PDO also supports prepared statements, stored procedures and more, whilst using the MySQL Driver.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With