Spread The Knowledge

Difference b/w PDO and MySQLi

Mahesh Dhaka CEO at WEBHOBS

To access a database in PHP, we have two choices: PDO and MySQLi. Before marking a choice, We should understand the difference b/w both of them in terms of security, performance, and support. Let's introduce these into brief:

  • PDO(PHP Data Objects) is the consistent interface to access the databases in PHP. It can access the wide range of databases by using database-specific PDO driver. PDO provides an abstraction layer through which we can use same functions to access the different Databases. It can be used with PHP 5.1 and the newer versions of PHP.

  • MySQLi is the replacement of MySQL functions which supports the dual interface: procedural and object-oriented programming. The users which are migrating from old MySQL should prefer the procedural way. MySQLi is the safer way of sending data to MySQL by protecting SQL injection and other kinds of security breaches .

Now, let's begin the battle b/w MySQLi and PDO:-

1. API Support

MySQLi offers both an object-oriented and procedural API but PDO only offers the object-oriented API which makes the MySQLi better understandable for the beginners.

2. Database Support

MySQLi supports only to MySQL but PDO supports wide range of Databases including Oracle, SQLite, PostGreSQL, MySQL and virious others too.

3. Security

Both of these are good enough in terms of security including to prevent the SQL injection.


// PDO, "manual" escaping
$username = PDO::quote($_GET['username']);
 
$pdo->query("SELECT * FROM users WHERE username = $username");
         
// mysqli, "manual" escaping
$username = mysqli_real_escape_string($_GET['username']);
 
$mysqli->query("SELECT * FROM users WHERE username = '$username'");

4. Performance

PDO and MySQLi both are good enough in the performance but still Mysqli is little bit faster from PDO. It's 2.5% faster for non-prepared statements, and ~6.5% for prepared statements. If every microsecond matters for you then use MySQLi else both are fine in the performance.

Conclusion:

From the above discussion we can conclude that MySQLi is little bit faster over PDO and even allow procedural API but PDO provides connectivity to wide range of databases. As far as security is concerned both are absolutely secure and reliable.

Ask The Queries

8 Reasons why PHP is best programming language for the web development

The Smackdown b/w Node JS V/S PHP

6 Benefits Of Using PHP 7

How To Send Email Using PHP

Difference b/w PDO and MySQLi

How To Secure Cookies In PHP

8 Security Tips For PHP Developers

6 Security Tips For PHP File Upload

5 Common Attacks At PHP Website

5 Tips to Speed Up Your Website