100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

PHP PDO Database Access Cheat Sheet

PHP PDO Database Access Cheat Sheet

Covers connecting with PDO, writing prepared statements, handling transactions, and key fetch and error mode configuration options.

1 PageIntermediateApr 12, 2026

Connecting with PDO

Opening a database connection with safe defaults.

php
try {    $pdo = new PDO(        "mysql:host=localhost;dbname=myapp;charset=utf8mb4",        "dbuser",        "dbpass",        [            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,        ]    );} catch (PDOException $e) {    die("Connection failed: " . $e->getMessage());}

Prepared Statements

Safely binding parameters to queries.

php
// SELECT with named placeholders$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");$stmt->execute(['email' => 'jane@example.com']);$user = $stmt->fetch();// INSERT with positional placeholders$stmt = $pdo->prepare("INSERT INTO posts (title, body) VALUES (?, ?)");$stmt->execute([$title, $body]);$newId = $pdo->lastInsertId();// Fetching multiple rows$stmt = $pdo->query("SELECT id, name FROM users");foreach ($stmt->fetchAll() as $row) {    echo $row['name'];}

Transactions

Grouping statements atomically with commit and rollback.

php
try {    $pdo->beginTransaction();    $pdo->prepare("UPDATE accounts SET balance = balance - ? WHERE id = ?")        ->execute([100, 1]);    $pdo->prepare("UPDATE accounts SET balance = balance + ? WHERE id = ?")        ->execute([100, 2]);    $pdo->commit();} catch (PDOException $e) {    $pdo->rollBack();    throw $e;}

PDO Concepts

Fetch modes, error handling, and binding methods.

  • PDO::FETCH_ASSOC- Returns rows as associative arrays keyed by column name
  • PDO::FETCH_OBJ- Returns rows as stdClass objects with column names as properties
  • PDO::ERRMODE_EXCEPTION- Makes PDO throw a PDOException on errors instead of failing silently
  • bindParam vs bindValue- bindParam binds by reference and reads the value at execute time; bindValue binds the value immediately
  • lastInsertId()- Returns the auto-increment ID generated by the most recent INSERT
  • Prepared statements- Separate SQL structure from data, automatically preventing SQL injection when placeholders are used
Pro Tip

Always use prepared statements with bound parameters instead of string-interpolating values into SQL — it's the single most effective defense against SQL injection in PHP.

Was this cheat sheet helpful?

Explore Topics

#PHPPDODatabaseAccess#PHPPDODatabaseAccessCheatSheet#Programming#Intermediate#ConnectingWithPDO#PreparedStatements#Transactions#PDOConcepts#Databases#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech

Professional Web Designing Services

  • Responsive Websites
  • E-commerce Solutions
  • SEO Friendly Design
  • Fast & Secure
  • Support & Maintenance
Get a Free Quote

Share this Cheat Sheet