📘 Lesson  ·  Lesson 16

PHP MySQL Connection (PDO)


Connecting PHP to MySQL

The modern, secure way to connect PHP to MySQL is PDO (PHP Data Objects) with prepared statements, which prevent SQL injection.

Make a Connection

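<?php
  // Lesson defaults for a local test server; use a dedicated, password-protected account anywhere else.
  $host = "localhost"; $db = "school";
  $user = "root"; $pass = "";
  try {
    // charset=utf8mb4 makes the connection encoding explicit.
    $pdo = new PDO("mysql:host=$host;dbname=$db;charset=utf8mb4", $user, $pass);
    // Report SQL errors as exceptions so they cannot be missed.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    echo "Connected!";
  } catch (PDOException $e) {
    // Log the details; the raw message can reveal host and user names to visitors.
    error_log($e->getMessage());
    echo "Failed: could not connect to the database.";
  }
?>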

Safe Query (Prepared Statement)

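<?php
  // The ? marks where a value will be bound; the SQL text itself never changes.
  $stmt = $pdo->prepare("SELECT * FROM students WHERE marks > ?");
  // Values are passed separately, in placeholder order.
  $stmt->execute([80]);
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  foreach ($rows as $row) {
    // Escape database values before writing them into HTML.
    echo htmlspecialchars($row["name"], ENT_QUOTES, "UTF-8") . "<br>";
  }
?>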

Why Prepared Statements?

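The ? placeholder keeps user input as data, never as runnable SQL. This blocks SQL injection, the #1 web security rule. A placeholder can only stand in for a value: table and column names cannot be bound, so they must come from a fixed list in your code, never from user input.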
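The difference between pasting input into the query and binding it, shown as an added example that is not part of the original lesson. It assumes the pdo_sqlite extension so it can run without a MySQL server; the table rows, the function names namesAboveUnsafe and namesAbove, and both input strings are constructed for illustration.

```php
<?php
// Added example: constructed data in an in-memory SQLite database (assumes pdo_sqlite).
$pdo = new PDO("sqlite::memory:");
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE students (name TEXT, marks INTEGER)");
$insert = $pdo->prepare("INSERT INTO students (name, marks) VALUES (?, ?)");
foreach ([["Asha", 91], ["Ravi", 72], ["Meena", 85]] as $student) {
    $insert->execute($student);
}

// BEFORE (hypothetical helper): the input is pasted into the SQL text,
// so the database parses whatever it contains as part of the query.
function namesAboveUnsafe(PDO $pdo, string $minMarks): array {
    $sql = "SELECT name FROM students WHERE marks > " . $minMarks;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// AFTER (hypothetical helper): the input is checked to be a whole number,
// then bound to the ? placeholder as an integer value.
function namesAbove(PDO $pdo, string $minMarks): array {
    $min = filter_var($minMarks, FILTER_VALIDATE_INT);
    if ($min === false) {
        throw new InvalidArgumentException("marks must be a whole number");
    }
    $stmt = $pdo->prepare("SELECT name FROM students WHERE marks > ?");
    $stmt->bindValue(1, $min, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$normal  = "80";         // what the form expects
$hostile = "80 OR 1=1";  // constructed input that carries SQL

// Concatenated query: the second call ignores the marks filter entirely.
echo "unsafe, normal:  ", implode(", ", namesAboveUnsafe($pdo, $normal)), "\n";
echo "unsafe, hostile: ", implode(", ", namesAboveUnsafe($pdo, $hostile)), "\n";

// Prepared query: normal input works, the hostile string never reaches the SQL.
echo "safe, normal:    ", implode(", ", namesAbove($pdo, $normal)), "\n";
try {
    namesAbove($pdo, $hostile);
} catch (InvalidArgumentException $e) {
    echo "safe, hostile:   rejected (", $e->getMessage(), ")\n";
}
```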

Summary

  • Use PDO to connect PHP to MySQL safely.
  • Always use prepared statements (? placeholders) to prevent SQL injection.
