Can someone clarify for me what the advantages and disadvantages of using MySQLi instead of MySQL? Are there situations where I should not use MySQLi? Do I need to configure my server differently in order to use MySQLi? For instance, do I need to upgrade Apache or PHP so I can support MySQLi?
Reasons why you should use MySQLi extension instead of the MySQL extension are many:
MySQLi gives you prepared statements - a safer way of sending data to MySQL and protecting you from SQL injection. This alone should be enough for always choosing MySQLi over MySQL.
MySQLi enables most of the MySQL features.
MySQLi is object orientated.
MySQLi supports prepared statements, transactions and multiple statements.
The old MySQL extension is deprecated as of PHP 5.5.0
And there are other benefits. But mainly, you should focus on security and stabiltity - and MySQLi gives you just that.
PHP team refuse to support mysql extension any further. This reason is alone enough.
All other reasons don't make much sense:
MySQLi gives you prepared statements - one can use old mysql with manually handled plaeholders and get even safer. This alone should be stopping MySQL from useless deprecation.
MySQLi enables most of the MySQL features which most of PHP users never ever heard of.
MySQLi is object oriented - a pair of straight hands can make old mysql objec oriented in a matter of several hours.
*MySQLi supports
transactions* - mysql supports them as well. just run START TRANSACTION query and you're set.
multiple statements - yet nobody actually needs them.
prepared statements - as a matter of fact, the support is horrible, renders them practiaclly unusable
So, there are no advantages at all.
If you want to get along with non-deprecated but usable extension - go for the PDO.
If you are using mysql > 4.1.3. Mysqli is a new interface for mysql in php. A quote from http://www.php.net/manual/en/mysqli.overview.php
What is PHP's MySQL Extension?
This is the original extension designed to allow you to develop PHP applications that interact with a MySQL database. The mysql extension provides a procedural interface and is intended for use only with MySQL versions older than 4.1.3. This extension can be used with versions of MySQL 4.1.3 or newer, but not all of the latest MySQL server features will be available.
Note:
If you are using MySQL versions 4.1.3 or later it is strongly recommended that you
use the mysqli extension instead.
Always, if possible.
It is possible that MySQLi is not supported by your PHP install. However, most hosting providers have support for MySQLi.
Unless you are using an old version of the MySQL database (prior to 4.1.3) or require some functionality not yet included in MySQLi (I think there are one of two functions that weren't moved over) then stick with MySQLi when ever you can.
Related
hello I have an assignment that asking me to give at least one disadvantage of using php's MySQLi library over php's MySQL .. I don't see any .. can any one give me some disadvantage because I can never find one
MySQLi has this feature called prepared statements which is nothing but a safer way of sending data to MySQL and protecting yourself from getting hacked using SQL injection. This is the foremost reason why one should always prefer MySQLi over MySQL.
MySQLi extension has been specifically developed to take advantage of the new features available in MySQL Server version 4.1.3 and above. So the thing is if you still use the MySQL extension then you might not be able to take full advantage of the new MySQL server features.
MySQLi is object orientated and a lot has already been talked about how useful Object Oriented programming is.
MySQLi supports multiple Statements, Complex Transaction statements and has enhanced debugging capabilities and embedded server support.
I have mysql installed and now I want to work on mysqli with new database.
Does it affect my previous database which is in mysql if I enable mysqli in phpmyadmin?
mysqli -> MySQL Improved Extension.
The mysqli extension, or as it is sometimes known, the MySQL improved extension, was developed to take advantage of new features found in MySQL systems versions 4.1.3 and newer. The mysqli extension is included with PHP versions 5 and later.
You just have to change the code you have done using mysql. No Need to change the database. mysqli methods also use the mysql database.
This may help
if you're switching from MySQL to MySQLi,
I suggest you to go for PHP Data Objects (PDO) with Prepared Statements.
It could give you little bit of burden initially, but once you create your own PDO class, you will be so glad upon your PDO work, believe me.
I took help from below links when I started it. try'em.
http://php.net/manual/en/book.pdo.php
http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338
Before today I use to use mysql but today I changed to mysqli. Nothing happens if you use mysql no need to create a new DataBase for this.
The suggestion I would give is to use mysqli since it is
Improved version of mysql and provides better functionalities
This is one good SO post about difference between two
Other way is also to switch if you go to PDO
This question already has answers here:
mysqli or PDO - what are the pros and cons? [closed]
(13 answers)
Closed 1 year ago.
Just writing a PHP website and using mySqli for my database connectivity. Really enjoying it as I can use Prepare statements and then do a $result = $stmt->get_result(); which loads results into an associated array. However, thought it best be time to upload a few pages and the DB to hosting site to test speed and such to find that it does not support the $stmt->get_result(); command, having it needing to use the mysqlnd driver which my host does not support.
Looking into this nor does many host providers either. Now when I started the website I looked back at some of my old PHP code and apparently the normal mySql code that I used to use has become obsolete and was told on the internet to use mySQLi instead only to find that support for this is dropping to?! so it would see, so what is the best mySql connectivity to use?
I would not use any old mysql connectors at all. They are deprecated due to huge gaping security holes. As for whether you want to use prepared statements using mysqli or PDO, that is a matter of choice; they both are pretty secure. mysqli is good as long as you use prepared statements and don't rely on escaping your variables (which is a huge pain and easy to make a mistake, so therefore not as secure).
The advantages of using PDO is that is easier to move between different database types (e.g. if you want to work with Oracle or SQL Server or PostreSQL) it is easier to make the transition, and it is far more powerful if you like to work with classes. On this site you will generally find more people who prefer PDO.
Also as for support for mysqlnd? See below documentation from the official site:
PHP 5.4 has mysqlnd as default
As of PHP 5.4, the mysqlnd library is a php.net compile time default
to all PHP MySQL extensions. Also, the php.net Windows team is using
mysqlnd for the official PHP Windows distribution since mysqlnd became
available in PHP 5.3
In other words, those web host providers are behind the times. You might want to look for a better one.
Vague question, but considering the the heading, mysqli and PDO are same thing (almost same).
PDO is platform independent but mysqli is only for mysql database engine. if you are not going to make corporate level applications like some SaaS app then I suggest use mysqli.
If your app is always gonna be php & mysql, then why bother using PDO? There is not much benefit in using it.
I disagree with nomistic that mysqli is not as secure.
Both PDO and mysqli can have non prepared queries. Both are equally secure.
PDO have one benefit I like, Named Parameter in prepared statements. So PDO is 1 step ahead.
Yo may like this post:
pdo-vs-mysqli-which-should-you-use
Recently the PHP manual started showing the following warning on every mysql function page:
Use of this extension is discouraged. Instead, the MySQLi or
PDO_MySQL extension should be used. See also MySQL: choosing an API
guide and related FAQ for more information...
MySQLi used to be very buggy, but have they improved it so that it's finally worthy of its name? Is that why they're abandoning the MySQL extension and trying to get people to use MySQLi?
Actually, I would like to use MySQLi if it's not buggy anymore. It has more features and it's object oriented.
Any comments on this?
//EDIT: What I want to know is if it's OK to use MySQLi. Or is it still buggy? Should I go with PDO instead?
Yes. Since (very) long. We now have mysqli, or better yet, PDO.
I wouldn't lock myself into mysqli, I'd prefer PDO. Beside the easier migration it offers from one database system to another, it also offers better error handling.
What I want to know is if it's OK to use MySQLi. Or is it still buggy?
MySQLi itself is quite bug-free and it's used in production.
Should I go with PDO instead?
If your only argument for using mysqli is its similarity to mysql, then you'd probably not use mysqli to its full potential anyway. If you want to use mysqli to its full potential, then you'd have to start learning "anew" (it's not terribly much to learn, you know). If you start learning some new tool from "scratch", then why not learn the better alternative - PDO, in the first place?
On the other side, PDO is not perfect either. With PDO, you cannot access MySQL specific APIs (such as post-construct set_charset, infile settings, async queries, OUT params from prepared statements). Also, you should set it to do true prepared statements if you need them.
The PHP MySQLi is an MySQL Improved Extension.
The mysqli extension allows you to access the functionality provided by MySQL 4.1 and above.
You can compare both of them at The MySQLi Extension Function Summary.
If you are searching for a future proof solution, object oriented, the way to go is PHP PDO.
The PHP Data Objects (PDO) extension defines a lightweight, consistent interface for accessing databases in PHP. Each database driver that implements the PDO interface can expose database-specific features as regular extension functions.
...
PDO provides a data-access abstraction layer, which means that, regardless of which database you're using, you use the same functions to issue queries and fetch data.
Yes you can go with MySQLi and what you write is true, the API allows an easy change from the MySQL API.
For new projects it's recommended to not use ext/mysql any longer, but to use ext/mysqli or PDO_MySQL.
As you have not written what was buggy for you back in 2009, it's hard to say if these bugs are gone. I would assume so, but, well, check for yourself.
You might want to also use ext/mysqli with the MySQL native driver instead of the MySQL client server library (libmysql).
It was about time. The mysql API, though easy to use, suffers from many problems. Arguably the worst problem is the complete lack of support for prepared statements, which forces you to piece together bits of SQL through string operations. This is not only slow but also a major source of SQL injection vulnerabilities.
One of the advantages of PDO over MySQLi is that you'll find that you don't have to learn a new API when you decide to use a different DBMS in a future project.
There is a tutorial I'd like to follow which has some great reviews. The only problem being it makes use of MySQLi instead of MySQL. I only have access to MySQL.
Are there big enough differences to warrant looking for a straight PHP-MySQL tutorial or is it worth just going with this one and making changes myself?
I would say I am a 'beginner' with both PHP and MySQL, but can find my way around the code fine, apply CRUD etc so not completely new.
MySQLi is PHP's "improved" MySQL driver. Meaning it will take full advantage of MySQL servers version higher than 4.1.3.
Then underlaying MySQL server would be the same, using the old MySQL interface or the newer MySQLi, so everthing should remain valid if you are following a MySQL tutorial on a MySQLi interface.
In your case, you should pay attention to MySQLi only stuff since they won't be avaliable to you.
Quote from the official website:
What is PHP's mysqli Extension?
The mysqli extension, or as it is
sometimes known, the MySQL improved
extension, was developed to take
advantage of new features found in
MySQL systems versions 4.1.3 and
newer. The mysqli extension is
included with PHP versions 5 and
later.
The mysqli extension has a number of
benefits, the key enhancements over
the mysql extension being:
Object-oriented interface
Support for Prepared Statements
Support for Multiple Statements
Support for Transactions
Enhanced debugging capabilities
Embedded server support
It shouldn't be too hard to make the necessary adjustments. If you look at PHP's MySQL functions vs the MySQLi functions functions the main difference is that MySQLi is an object-oriented interface. Converting back to the regular MySQL functions is usually quite easy, for example: $rs->affected_rows becomes mysql_affected_rows($rs).
As #hexa pointed out, there are a couple things in MySQLi that the old interface doesn't support, such as prepared queries. If the tutorial involves those, it's not that hard to convert them to regular queries, it's just a bit of a hassle.