Basic syntax of PDO Objects for PHP 5.1 and above

Here are some of the basic syntax for using PDO Objects.

The advantage of PDO objects is that you pass your variables into the SQL function using prepared statements.

Prepared statements are what are termed paramatised queries when working with program languages like Microsoft dot.net and
provide a way to prevents sql injection into databases.

SQL FETCH
<?php
$dbh = new PDO(‘mysql:host=localhost;dbname=test’, $user, $pass);
$stmt = $dbh->prepare(“SELECT * FROM REGISTRY where name = ?”);
if ($stmt->execute(array($_GET[‘name’]))) {
while ($row = $stmt->fetch()) {
print_r($row);
}
}
?>

SQL MODIFY
<?php
$dbh = new PDO(‘mysql:host=localhost;dbname=test’, $user, $pass);
$stmt = $dbh->prepare(“INSERT INTO REGISTRY (name, value) VALUES (?, ?)”);
$stmt->bindParam(1, $name);
$stmt->bindParam(2, $value);

// insert one row
$name = ‘one’;
$value = 1;
$stmt->execute();

// insert another row with different values
$name = ‘two’;
$value = 2;
$stmt->execute();
?>

It is advisable to use try / catch statements around PDO or and print out friendly error messages or otherwise it is
possible that an error will display internal details that you don’t want users to see.

<?php
try {
$dbh = new PDO(‘mysql:host=localhost;dbname=test’, $user, $pass);
foreach($dbh->query(‘SELECT * from table’) as $row) {
print_r($row);
}
$dbh = null;
} catch (PDOException $e) {
print “Error!: ” . $e->getMessage() . “<br/>”;
die();
}
?>

Examples of using PDO objects in PHP

<?php

//Example of fetching data from a database using PDO objects

# using the shortcut ->query() method here since there are no variable
# values in the select statement.

try {

$dbhost = “localhost”;
$dbname    = “users”;
$dbusername = “root”;
$dbpass = “”;

//Connect to the database
$dbh = new PDO(“mysql:host=” . $dbhost . “;dbname=” . $dbname, $dbusername, $dbpass);

//the sql query
$sql = “SELECT * FROM users”;

//statment handle
$sth = $dbh->query($sql);

# setting the fetch mode
$sth->setFetchMode(PDO::FETCH_ASSOC);

echo(“——————————————–<br/>”);
echo(“An example of a while loop<br/>”);
while($row = $sth->fetch()) {
echo( $row[“first_name”] . “<br/>” );
$table[] = $row;
}

$dbh = null;

}  catch (PDOException $e) {
print “Error!: ” . $e->getMessage() . “<br/>”;
die();
}

echo(“<br/><br/>”);

echo(“——————————————–<br/>”);
echo(“An example of looping around an array<br/>”);

if ($table) {    //Check if there are any rows to be displayed
//Retrieve each element of the array
foreach($table as $d_row) {
echo( $d_row[“first_name”] . ” ” . $d_row[“last_name”] . “<br/>” );
}
}

echo(“——————————————–<br/>”);
echo(“An example of printing one element from the array<br/>”);
echo($table[0][“first_name”]);

?>

<?php

//Example of fetching data from a database using PDO objects

//This uses a prepared statement using named values

try {

$dbhost = “localhost”;
$dbname    = “users”;
$dbusername = “root”;
$dbpass = “”;

$first_name = “%paul%”;

//Connect to the database
$dbh = new PDO(“mysql:host=” . $dbhost . “;dbname=” . $dbname, $dbusername, $dbpass);

//the sql query using a named placeholder
$sql = “SELECT * FROM users WHERE first_name LIKE :first_name “;

//statment handle
$sth = $dbh->prepare($sql);

$sth->execute(array(“:first_name” => $first_name));

$sth->setFetchMode(PDO::FETCH_ASSOC);

echo(“<br/><br/>”);
echo(“——————————————–<br/>”);
echo(“An example of printing values from a select statement with parameters<br/>”);

while($row = $sth->fetch()) {
echo( $row[“first_name”] . “<br/>” );
$table[] = $row;
}

$dbh = null;

}  catch (PDOException $e) {
print “Error!: ” . $e->getMessage() . “<br/>”;
die();
}

?>