0
I was reading and I saw that many say, PDO merely simulates the prepared statements and consider a disadvantage, I wonder then... Which is safer? Or which is more susceptible to SQL Injection or any other type of attempted invasion?
0No answers
Browser other questions tagged php pdo mysqli security-guard
You are not signed in. Login or sign up in order to post.
Susceptible or not depends more on you than the difference between PDO or Mysqli. But in short Mysqli appears to be slightly safer and faster, after all it was only made for Mysql and only supports Mysql (while PDO supports multiple banks). See https://answall.com/questions/8302/mysqli-vs-pdo-qual-o-mais-recommendedfor use.
– Inkeliz
Despite having bullshit in the other’s answers (for example, present prepare on the client’s side as an advantage, being a huge disadvantage), the question is duplicated. In short, for Mysql there is no comparison, the business is to usemysqli_ . For those who want other banks, PDO is the only option, if there is no native driver for the used bank.
– Bacco
Both are safe, but with PDO you will have better portability. It is not uncommon for a project to decide to switch banks and if you are using mysqli, you will face weeks to months to make this migration.
– Asura Khan