Which is best php library to use when deal with database? PDO OR mysql?

hello ,

i want ask about best library to use when deal with databases inside script . is it PDO ??
or mysql ??


PDO definately, as it provide you with a better level of protection from data input dangers.

Either PDO or mysqli - both are far superior to mysql.

I’ve always just used MySQL :stuck_out_tongue:

The use of just mysql requires a significant amount of extra processing so tackle SQL injection into the data so as to make sure such attempts do not change your query and compromise the security of your database.

Using PDO or mysqli means you can use a prepare statement and keep the SQL and the data completely separate thus doing away with the possibility of SQL injection and therefore removing the need to use code to try to prevent it happening.

Using mysql and adding the code to try to protect against SQL injection is like closing windows to try to keep burglars out. Using PDO or mysqli is like having bars over the windows to start with. Consider what happens in each case when the burglar breaks the window (ie. bypasses your SQL injection security code). If you use mysql then your database is theirs to do with what they want whereas if you use PDO or mysqli then they are still kept out.

Nice analogy. Is it easy to change from mysql to mysqli

thanx to all :slight_smile: , so it’s best to use mysqli or pdo instead of mysql .
ok but sorry what’s the best to use (mysqli or pdo) :blush: :smiley: ??
because i think that i heared before that PHP6 will cancel mysqli and make pdo is default library to deal with databases . is it right ?!?

Lazy: use PDO
UnLazy: try both, read docs, make a decision

mysqli is not being dropped.

I use PDO, but remember that it’s not enough to just use PDO - you must use prepared statements and always use correct column type in your bindParam() methods, in order to make your scripts really secure.