I'm using PDO and I got this message, but from what I found I thought PDO actually implemented mysqli.
You are using PHP's deprecated 'mysql' extension, which is not capable
of handling multi queries. The execution of some stored routines
may fail! Please use the improved 'mysqli' extension to avoid any
problems.
Why do I get this message, then?
This is almost like asking what's the difference between DOMDocument and SimpleXML or what's the difference between php and python. They're different libraries, although they're both for interfacing with a MySQL database server.
PHP has done quite a nice job of cataloging the differences
Mysql doesn't support for running multiple queries at a time. Mysql also doesn't support for prepared statement. Because of that you have to use Mysqli, it supports both.
There are a lot of discussion on this topic previously. You better search on the Internet (Even only in the Stackoverflow).
Like:
What is difference between mysql,mysqli and pdo?
Difference between mysqli and mysql?
You need to do more research man. Think critically and be a programmer. ;)
I thought PDO actually implemented mysqli.
Nice question but false though.
PDO implements the interface so that you can use all Database System. So, it just can't implement some features from mysqli as they require some special features that are not yet emulated for SQLite for example ! You can find similar issues when you compare PDO and pgsql_ API.
Related
hello I have an assignment that asking me to give at least one disadvantage of using php's MySQLi library over php's MySQL .. I don't see any .. can any one give me some disadvantage because I can never find one
MySQLi has this feature called prepared statements which is nothing but a safer way of sending data to MySQL and protecting yourself from getting hacked using SQL injection. This is the foremost reason why one should always prefer MySQLi over MySQL.
MySQLi extension has been specifically developed to take advantage of the new features available in MySQL Server version 4.1.3 and above. So the thing is if you still use the MySQL extension then you might not be able to take full advantage of the new MySQL server features.
MySQLi is object orientated and a lot has already been talked about how useful Object Oriented programming is.
MySQLi supports multiple Statements, Complex Transaction statements and has enhanced debugging capabilities and embedded server support.
This question already has answers here:
mysqli or PDO - what are the pros and cons? [closed]
(13 answers)
Closed 1 year ago.
Just writing a PHP website and using mySqli for my database connectivity. Really enjoying it as I can use Prepare statements and then do a $result = $stmt->get_result(); which loads results into an associated array. However, thought it best be time to upload a few pages and the DB to hosting site to test speed and such to find that it does not support the $stmt->get_result(); command, having it needing to use the mysqlnd driver which my host does not support.
Looking into this nor does many host providers either. Now when I started the website I looked back at some of my old PHP code and apparently the normal mySql code that I used to use has become obsolete and was told on the internet to use mySQLi instead only to find that support for this is dropping to?! so it would see, so what is the best mySql connectivity to use?
I would not use any old mysql connectors at all. They are deprecated due to huge gaping security holes. As for whether you want to use prepared statements using mysqli or PDO, that is a matter of choice; they both are pretty secure. mysqli is good as long as you use prepared statements and don't rely on escaping your variables (which is a huge pain and easy to make a mistake, so therefore not as secure).
The advantages of using PDO is that is easier to move between different database types (e.g. if you want to work with Oracle or SQL Server or PostreSQL) it is easier to make the transition, and it is far more powerful if you like to work with classes. On this site you will generally find more people who prefer PDO.
Also as for support for mysqlnd? See below documentation from the official site:
PHP 5.4 has mysqlnd as default
As of PHP 5.4, the mysqlnd library is a php.net compile time default
to all PHP MySQL extensions. Also, the php.net Windows team is using
mysqlnd for the official PHP Windows distribution since mysqlnd became
available in PHP 5.3
In other words, those web host providers are behind the times. You might want to look for a better one.
Vague question, but considering the the heading, mysqli and PDO are same thing (almost same).
PDO is platform independent but mysqli is only for mysql database engine. if you are not going to make corporate level applications like some SaaS app then I suggest use mysqli.
If your app is always gonna be php & mysql, then why bother using PDO? There is not much benefit in using it.
I disagree with nomistic that mysqli is not as secure.
Both PDO and mysqli can have non prepared queries. Both are equally secure.
PDO have one benefit I like, Named Parameter in prepared statements. So PDO is 1 step ahead.
Yo may like this post:
pdo-vs-mysqli-which-should-you-use
In my efforts to update my code from using mysql_*, I have run into a whole heap of pain.
I decided to change my code using mysqli, first in the procedural style. After learning a bit more, I decided that actually the object-oriented style was better. When it came to using prepared statements, I ran into problems when I tried to use get_result(). I wanted to use this because I had lots of fields which needed to bound. So after looking into the issue, it appears you need the mysqlnd driver to use this, which is only available in PHP version 5.4. I was using version 5.3 so decided to upgrade.
After upgrading, I still had the error. After chasing my tail for ages, as this was something definitely outside of my area of knowledge, I discovered that mysqlnd had not been enabled for mysqli.
After speaking to my webhost support, I got the following reply:
It seems that mysqli can only be built against either the old libmysql libraries, or
against mysqlnd. cPanel apparantly defaults to the older libraries since mysqli has been
used for a long time with the older libraries.
We can try to force mysqli to build against mysqlnd ... but I have no
idea what repercussions this might have if any other sites use mysqli
already against the old libraries
This doesn't sound like a good idea, and at this stage (with plenty of time wasted) I'm thinking I should have never bothered and just stuck with mysql_* instead.
PDO has been mentioned but I know nothing about this. It seems similar to mysqli? I really don't want to invest more time in learning another something new, only then run into a similar brick wall further down the line.
There certainly isn't any plans to switch to a different type of database, so doesn't that defeat the object of using PDO? Should I just try to find some code that does the same thing get_result() does but that would work in 5.3?
I think PDO would be a better solution then mysqli in any case. It's a native library of PHP, it works very well and it's pretty easy to use.
Although they have been deprecated, the mysql_* functions are a long way from being removed entirely. However, once you've decided to make the switch from mysql_* you may as well go with the de facto standard, which is now the PDO library. It offers extra features over mysqli (named parameters, prepared statements), it works with more database vendors, security is a bit better, while the performance difference is neglible.
In your case, I would test that PDOs work on your hosting environment. If they don't, then change host.
Would PDO be better?
Yes.
Is it like mysqli?
No.
It runs SQL queries properly, as opposite to the way you were using either old mysql or new mysqli.
Recently the PHP manual started showing the following warning on every mysql function page:
Use of this extension is discouraged. Instead, the MySQLi or
PDO_MySQL extension should be used. See also MySQL: choosing an API
guide and related FAQ for more information...
MySQLi used to be very buggy, but have they improved it so that it's finally worthy of its name? Is that why they're abandoning the MySQL extension and trying to get people to use MySQLi?
Actually, I would like to use MySQLi if it's not buggy anymore. It has more features and it's object oriented.
Any comments on this?
//EDIT: What I want to know is if it's OK to use MySQLi. Or is it still buggy? Should I go with PDO instead?
Yes. Since (very) long. We now have mysqli, or better yet, PDO.
I wouldn't lock myself into mysqli, I'd prefer PDO. Beside the easier migration it offers from one database system to another, it also offers better error handling.
What I want to know is if it's OK to use MySQLi. Or is it still buggy?
MySQLi itself is quite bug-free and it's used in production.
Should I go with PDO instead?
If your only argument for using mysqli is its similarity to mysql, then you'd probably not use mysqli to its full potential anyway. If you want to use mysqli to its full potential, then you'd have to start learning "anew" (it's not terribly much to learn, you know). If you start learning some new tool from "scratch", then why not learn the better alternative - PDO, in the first place?
On the other side, PDO is not perfect either. With PDO, you cannot access MySQL specific APIs (such as post-construct set_charset, infile settings, async queries, OUT params from prepared statements). Also, you should set it to do true prepared statements if you need them.
The PHP MySQLi is an MySQL Improved Extension.
The mysqli extension allows you to access the functionality provided by MySQL 4.1 and above.
You can compare both of them at The MySQLi Extension Function Summary.
If you are searching for a future proof solution, object oriented, the way to go is PHP PDO.
The PHP Data Objects (PDO) extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions.
...
PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data.
Yes you can go with MySQLi and what you write is true, the API allows an easy change from the MySQL API.
For new projects it's recommended to not use ext/mysql any longer, but to use ext/mysqli or PDO_MySQL.
As you have not written what was buggy for you back in 2009, it's hard to say if these bugs are gone. I would assume so, but, well, check for yourself.
You might want to also use ext/mysqli with the MySQL native driver instead of the MySQL client server library (libmysql).
It was about time. The mysql API, though easy to use, suffers from many problems. Arguably the worst problem is the complete lack of support for prepared statements, which forces you to piece together bits of SQL through string operations. This is not only slow but also a major source of SQL injection vulnerabilities.
One of the advantages of PDO over MySQLi is that you'll find that you don't have to learn a new API when you decide to use a different DBMS in a future project.
There is a tutorial I'd like to follow which has some great reviews. The only problem being it makes use of MySQLi instead of MySQL. I only have access to MySQL.
Are there big enough differences to warrant looking for a straight PHP-MySQL tutorial or is it worth just going with this one and making changes myself?
I would say I am a 'beginner' with both PHP and MySQL, but can find my way around the code fine, apply CRUD etc so not completely new.
MySQLi is PHP's "improved" MySQL driver. Meaning it will take full advantage of MySQL servers version higher than 4.1.3.
Then underlaying MySQL server would be the same, using the old MySQL interface or the newer MySQLi, so everthing should remain valid if you are following a MySQL tutorial on a MySQLi interface.
In your case, you should pay attention to MySQLi only stuff since they won't be avaliable to you.
Quote from the official website:
What is PHP's mysqli Extension?
The mysqli extension, or as it is
sometimes known, the MySQL improved
extension, was developed to take
advantage of new features found in
MySQL systems versions 4.1.3 and
newer. The mysqli extension is
included with PHP versions 5 and
later.
The mysqli extension has a number of
benefits, the key enhancements over
the mysql extension being:
Object-oriented interface
Support for Prepared Statements
Support for Multiple Statements
Support for Transactions
Enhanced debugging capabilities
Embedded server support
It shouldn't be too hard to make the necessary adjustments. If you look at PHP's MySQL functions vs the MySQLi functions functions the main difference is that MySQLi is an object-oriented interface. Converting back to the regular MySQL functions is usually quite easy, for example: $rs->affected_rows becomes mysql_affected_rows($rs).
As #hexa pointed out, there are a couple things in MySQLi that the old interface doesn't support, such as prepared queries. If the tutorial involves those, it's not that hard to convert them to regular queries, it's just a bit of a hassle.