Up next

Autoplay

PHP PDO Tutorial Part 1 - Prepared Statements - SQL Injection - Full PHP 8 Tutorial

6 Views • 04/10/23
Share
Embed
cashinvids
cashinvids
6 Subscribers
6

In this lesson, you will learn how to connect to the database from PHP using PHP Data Objects or in short PDO. PDO provides data access layer abstraction where common methods can be used to interact with different databases like MySQL, SQLite, and so on. You will learn about prepared statements, what SQL injection is & how it works, how to prevent SQL injection, learn about the difference between binding params by value or by reference, the difference between placeholders & named parameters, emulated prepares & so on.

NOTE: If you have concerns/questions about 15:28 please watch the beginning of Part 2 of the PDO lesson, I address & explain there. This is just a debug query & to save an extra line I decided to pass an integer directly to the query. I don't recommend you do that, even though this particular example has no SQL Injection vulnerability, someone might make a mistake & introduce the vulnerability. https://www.youtube.com/watch?v=e6yLUvpcOZo

SOME OF THE WAYS YOU CAN SUPPORT THE CHANNEL
👍 Smash the like button
🤝 Subscribe to the channel & turn the notifications on
💬 Post comments, any feedback is greatly appreciated
⭐ Become a Patreon: https://www.patreon.com/programwithgio
THANK YOU!

LESSON 2.30
Course Outline - https://github.com/ggelashvili..../learnphptherightway
Course Playlist - https://www.youtube.com/playli....st?list=PLr3d3QYzkw2

RESOURCES
https://www.php.net/manual/en/book.pdo.php
https://www.php.net/manual/en/pdo.connections.php
https://www.php.net/manual/en/....pdo.error-handling.p
https://www.php.net/manual/en/class.pdo.php
https://www.php.net/manual/en/....class.pdostatement.p
https://www.php.net/manual/en/pdo.constants.php
https://www.php.net/manual/en/ref.pdo-mysql.php
https://github.com/php/php-src..../blob/master/ext/pdo

CHAPTERS
00:00 - Intro
01:12 - Install/enable PDO MySQL
02:45 - PDO connection
05:52 - Error modes
06:34 - Run queries & fetch data
07:36 - Fetch modes
09:14 - Prepared statements & SQL injection
10:12 - SQL injection example
13:43 - Placeholders, named parameters & the difference between them
18:03 - Bind parameters using bindValue & bindParam
22:18 - Emulated prepares

Show more
0 Comments sort Sort By
Facebook Comments

Up next

Autoplay