So, after seeing the advantages, you finally decided to move to PDO.
What are the advantages of using PDO?
PDO is a PHP extension providing a data-access abstraction layer. This layer can be used with any sort of databases. That means that you can at any time change the database backend without having to alter your access methods.
PDO can work with the following databases:
SQLite 2 & 3
Informix (IBM Informix Dynamic Server)
DBLM: FreeTDS / Sybase / MS-SQL
IBM (IBM DB2)
Even if you use only MySQL, PDO can provide advantages; you can use the same data-access methods regardless of the MySQL version. This does away with the need for using the standard MySQL extension with older versions of MySQL and using the MySQLi extension for later versions. An additional advantage is the ability to use object-oriented code regardless of the version of MySQL.
PDO requires the object-oriented capabilities of PHP 5, so PHP 5.0 or higher is a prerequisite. The PDO extension ships with binary versions of PHP 5.1 and 5.2 and is very simple to implement on most operating systems.
So, why use PDO?
The number one reason is security. With plain MySQL functions you need to sanitise the input manually using type casting or mysql_real_escape_string(). With PDO this is all taken care for us and means we no longer have to worry about SQL injection. Great.
The ability to easily migrate to a different database engine (SQLite, Oracle, MSSQL, ODBC, etc.) is the cherry on top of the cake.
But before you use PDO, you should…
Verify if you can use PDO
You can verify if the PDO PHP extension is installed by simply creating a .php file with the following code: