Escaping PDO

My understanding is that PDO queries are essentially forced on us because PHP will soon stop supporting traditional queries. But when that future version of PHP is released, we can still use conventional queries if we simply don’t upgrade to that version, right?

Or is there something in the bigger picture that I’m missing? If I freeze my server and websites at the current PHP version, will my visitors still get zapped somehow, if there’s a more recent version of PHP on THEIR computers or servers?

PDO is turning into a nightmare for me, and I’d like to deal with it the way I’ve dealt with other new technologies - just ignore it until it’s more user friendly, THEN adopt it. My hunch is that as long the server my websites are hosted on is frozen at the current version of PHP, all my code and scripts should work for my visitors. Is this correct?


The PHP you’re using on your site should not make any difference to visitors of your site.
The problem would be if others are using your PHP code on their site and your code isn’t compatible with their version of PHP

I don’t know what you mean by “PDO queries” or “traditional/conventional queries”.
If you’re talking about prepared statements IMHO you should really consider starting to use them as they are a big securiity improvement.
If you don’t like PDO at least give mysqli a try now that mysql is deprecated and likely to be gone maybe soon.
I’m not sure that “freezing” - not updating - your version of PHP is all that wise a thing to do. More than one thing changes between versions (usually many) and you will be missing out on a lot of improvements for the sake of not needing to adapt coding practices.

Perhaps you could say what you are finding to be a nightmare and others could try to help make it less so?

Conventional query = the standard PHP database queries I was using before PDO.

It sounded like there’s no choice but switch to PDO, so I started studying it, and I was able to convert my basic queries without too much trouble. But I have several websites with a number of customized queries, some inside functions, and I’m running into one can of worms after another. There just isn’t enough time in the day to deal with it.

I’ll check out mysqli. If it doesn’t require a similar investment in time to adapt to, then maybe it’ll give me more options. Thanks for the tip.

It sounds like Mysqli isn’t a separate program but a feature you turn on PHP. So to make it work, I have to modify some php file(s), right?

I’m currently using MAMP on a Mac. If I switch to mysqli, is MAMP still going to work?

I think of mysqli as kind of inbetween mysql and PDO
You can write either procedural or OOP for many of it’s functions.
You don’t need to use prepared statements if you don’t want to.

Depending on what mysql functions you’re using there will be more or less work involved. I made a Sticky with my attempt at detailing “case sudies” that will hopefully give you some idea.

AFAIK MAMP will still work. I was suprised to find that myPhpAdmin still uses mysql
mysql, mysqli, and PDO can all use an MySQL database (PDO has the advantage that it can use other databases as well).
The problems with code that still use deprecated mysql will be painful when PHP gets around to dropping support for it. Instead of throwing E_DEPRECATED notices they will throw errors instead.
I don’t see MySQL going away any time soon but I suppose it could happen some time and the PDO (or something else?) would be mandatory.

mysqli was introduced into PHP 5.0 - unless you are still running PHP 4 your version of PHP will support mysqli

PHP 4 has been effectively dead for a couple of years now and that is considered to be plenty of time to do the conversions from mysql_ to mysqli_ particularly since for most calls the only change required is either just adding the extra i or doing that and switching the order of the two parameters. There are only a few antiquated mysql_ calls that were considered obsolete even in PHP 4 and where mysqli_ equivalents were not created.

It is only when you decide to increase the efficiecy and security of your database calls that you then need to rewrite them to use the newer mysqli_ calls that mysql_ didn’t support. The only significant difference between what you can do with mysqli_ calls and PDO is that PDO allows you to swap to a range of other databases if you need to so that you are not tied to mySQL if you go with that option.

Basically mysql_ calls (once you ignore the ones that were obsolete ten years ago) is a subset of the mysqli_ calls.