PHP PDO Database Access Cheat Sheet
Covers connecting with PDO, writing prepared statements, handling transactions, and key fetch and error mode configuration options.
1 PageIntermediateApr 12, 2026
Connecting with PDO
Opening a database connection with safe defaults.
php
try { $pdo = new PDO( "mysql:host=localhost;dbname=myapp;charset=utf8mb4", "dbuser", "dbpass", [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, ] );} catch (PDOException $e) { die("Connection failed: " . $e->getMessage());}
Prepared Statements
Safely binding parameters to queries.
php
// SELECT with named placeholders$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");$stmt->execute(['email' => 'jane@example.com']);$user = $stmt->fetch();// INSERT with positional placeholders$stmt = $pdo->prepare("INSERT INTO posts (title, body) VALUES (?, ?)");$stmt->execute([$title, $body]);$newId = $pdo->lastInsertId();// Fetching multiple rows$stmt = $pdo->query("SELECT id, name FROM users");foreach ($stmt->fetchAll() as $row) { echo $row['name'];}
Transactions
Grouping statements atomically with commit and rollback.
php
try { $pdo->beginTransaction(); $pdo->prepare("UPDATE accounts SET balance = balance - ? WHERE id = ?") ->execute([100, 1]); $pdo->prepare("UPDATE accounts SET balance = balance + ? WHERE id = ?") ->execute([100, 2]); $pdo->commit();} catch (PDOException $e) { $pdo->rollBack(); throw $e;}
PDO Concepts
Fetch modes, error handling, and binding methods.
- PDO::FETCH_ASSOC- Returns rows as associative arrays keyed by column name
- PDO::FETCH_OBJ- Returns rows as stdClass objects with column names as properties
- PDO::ERRMODE_EXCEPTION- Makes PDO throw a PDOException on errors instead of failing silently
- bindParam vs bindValue- bindParam binds by reference and reads the value at execute time; bindValue binds the value immediately
- lastInsertId()- Returns the auto-increment ID generated by the most recent INSERT
- Prepared statements- Separate SQL structure from data, automatically preventing SQL injection when placeholders are used
Pro Tip
Always use prepared statements with bound parameters instead of string-interpolating values into SQL — it's the single most effective defense against SQL injection in PHP.
Was this cheat sheet helpful?
Explore Topics
#PHPPDODatabaseAccess#PHPPDODatabaseAccessCheatSheet#Programming#Intermediate#ConnectingWithPDO#PreparedStatements#Transactions#PDOConcepts#Databases#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech
Professional Web Designing Services
- Responsive Websites
- E-commerce Solutions
- SEO Friendly Design
- Fast & Secure
- Support & Maintenance