sqlite baby steps - small steps for huge success
TRANSCRIPT
SQLITE BABY STEPSSmall Steps for Huge Success
WTF is PDO?
• PHP Data Object
• An abstraction of your database driver
• An object you can use to talk to just about any
database
What can I do with PDO?
• Use prepared statements (the main subject of
this presentation)
• Prevent some SQL injection attacks
• Develop using SQLite, but run production with
MySQL or PostgreSQL
Creating/Connecting
• Instantiate the PDO object with a dsn
• Examples:
• $db = new PDO(‘sqlite::memory:’);
• $db = new
PDO(‘mysql:host=localhost;dbname=test’);
prepare, bind, execute, fetch
Most queries follow the same pattern:
• prepare() — $stmt = $db->prepare($sql);
• bind() — $stmt->bind(‘:input’, $variable);
• execute() — $stmt->execute();
• fetch() — $stmt->fetchAll(); or $stmt->fetch();
prepare
• Creates a prepared statement for execution
• Allows for inputs for the query that aren’t
available in code yet
• Great way to separate queries and data model
from implementation and usage
bind
• Binds the input in a prepared statement to the
pointer of a variable
• Variable does not have to be defined
• Not required
execute
• Executes the prepared statement on the
database
• Returns true if it passes, false if it fails
• Can take an array of input parameters to be
used with the prepared statement
fetch(all)
• Fetches the results
• fetch() and fetchAll() are two ways to fetch
results
• Is a cursor and can be iterated over
• Takes a fetch type as an input,
PDO::FETCH_ASSOC is my favorite
–Bruce Buffer
“It’s time!!!”
What’re we going to do?
Questions?
References
• github project — https://github.com/wscoble/phpug-
pdo101
• twitter — twitter.com/lvcodesmith
• google+ — plus.google.com/+ScottScoble
• LinkedIn — linkedin.com/in/scottscoble