Reasons to use PDO

• It’s Fast - it talks to the database via a database specific PDO-driver.
• It’s Object Oriented – The methods within the class are the same for each database driver, so you can easily change your database driver without lots of extra coding.
• It’s Flexible-  You can easily change between such database drivers as PostgreSQL, MySQL or SQLite by pretty much just changing your construct statement.
• It’s Safer – PDO encourages you to bind parameters to your SQL query’s, meaning that it’s significantly less likely your website will suffer from a SQL injection based attack.

Connecting to a Database

Connecting to a database is pretty simple. Here is how to connect to a MySQL Database.

<?php
// Define the parameters
$host = 'localhost';
$dbname = 'my_database';
$user = 'mysql_username';
$pass = 'mysql_password';

try {
	// Call the PDO class.
	$db= new PDO('mysql:host='.$host.';dbname='.$dbname, $user, $pass);
} catch(PDOException $e) {
	// If something goes wrong, PDO throws an exception with a nice error message.
	echo $e->getMessage();
}

?>

Doing A Query

Again, doing a query is just as simple as:

<?php
$query = $db->query('SELECT * FROM `users` ORDER BY ID DESC;');
$result = $query->fetchAll(PDO::FETCH_ASSOC);

// $result will now contain an object of all the rows in the table 'Users'
?>

However, if you are using user variables which may cause a SQL Injection you should bind the parameter to the query (see next example).

Binding a parameter to a query

<?php
$query = $db->prepare('SELECT * FROM `users` WHERE `ID` = :ID: AND `email` = :email: ORDER BY ID DESC LIMIT 0,1;');
$query->execute(array(':ID:' => '3', ':email:' => 'me@email.com'));
$result = $query->fetchAll(PDO::FETCH_ASSOC);
?>

If you bind a parameter to a request, it will sterilize the input so that it will not cause a SQL Injection.

Useful Resources

PHP Manual: PHP Data Objects

Nettuts+: Why you Should be using PHP’s PDO for Database Access

PHP: The Good Parts

Update:

As of PHP 5.4 the MySQL extension will be softly deprecated. This means you really should start using PDO ASAP!

In a nutshell they are a group of PHP functions why can be used to check strings to see if they are alphanumeric, numeric etc without using regex (So they are fast!). The key thing to remember is that they return TRUE or FALSE, unlike filter_var which returns FALSE or the string.
Here is the code example:

<?php
// Check if input is alphanumeric (letters and numbers)
ctype_alnum('abcdef1234'); // This returns TRUE
ctype_alnum('£%^&ab2'); // This on the otherhand returns FALSE

// check if input is alpha (letters)
ctype_alpha('dssfsdf'); // returns TRUE
ctype_alpha('12345dssfsdf'); // Returns FALSE

// Check if the input is numeric
ctype_digit('1234'); // TRUE
ctype_digit('1as2d34f'); // FALSE
?>

It also contains functions to check for just numeric strings, uppercase strings and lowercase strings.

<?php
// Uppercase
ctype_upper('HELLO'); // TRUE
ctype_upper('hElLo'); // FALSE

// Lowercase
ctype_lower('hello'); // TRUE
ctype_lower('HeLLo'); // FALSE
?>

Handy right?

<?php
function validEmail($email){
	// Check the formatting is correct
	if(filter_var($email, FILTER_VALIDATE_EMAIL) === false){
		return FALSE;
	}

	// Next check the domain is real.
	$domain = explode("@", $email, 2);
	return checkdnsrr($domain[1]); // returns TRUE/FALSE;
}

// Example
validEmail('real@hotmail.com'); // Returns TRUE
validEmail('fake@fakedomain.com'); // Returns FALSE
?>

Free feel to copy/share.

Here is a code example of how to get the weather:

$w = new Weather('50.799995', '-1.065545'); // Input the Latitude and Longitude
echo $w->getLocation()->getWeather()->sayHuman();
// Ouput~: Portsmouth, England, PO4 8 | Partly Cloudy 4°C, Humidity: 93%, Wind: N at 8 mph

Enjoy!

Update you Timeline (Send a tweet)

$t->updateStatus('Messing about with my Twitter API script');

Get your Mentions

$t->mentions();

Get a users timeline

$t->getTimeline('Rogem002');

Enjoy

<?php
// Coded by Mike Rogers (http://www.fullondesign.co.uk/) 1st October 2010.

function shorten($url, $qr=NULL){
	if(function_exists('curl_init')){
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_URL, 'http://goo.gl/api/shorten');
		curl_setopt($ch, CURLOPT_POST, TRUE);
		curl_setopt($ch, CURLOPT_POSTFIELDS, 'security_token=null&url='.urlencode($url));

		$results = curl_exec($ch);
		$headerInfo = curl_getinfo($ch);
		curl_close($ch);

		if ($headerInfo['http_code'] === 201){ // HTTP Code 201 = Created
			$results = json_decode($results);
			if(isset($results->short_url)){
				$qr = !is_null($qr)?'.qr':'';
				return $results->short_url.$qr;
			}
			return FALSE;
		}
		return FALSE;	

	}
	trigger_error("cURL required to shorten URLs.", E_USER_WARNING); // Show the user a neat error.
	return FALSE;
}

// Example: Just the Short URL
echo shorten('http://www.google.com/');

// Example: Give the Short Code URL and image it.
$qrURL = shorten('http://www.google.com/', TRUE);
echo '<img src="'.$qrURL.'" />';
?>

If you want to read up a bit more about the goo.gl shortener, take a look at Matt Cutts post on his blog.

Edit – Added QR Support.

Thankfully since then, the PHP community has embraced the PCRE functions which are more efficient and are Perl-compatible. However the downside to PCRE (and POSIX for that matter) is that you need to know regular expressions, which for a newbie to learn can feel like walking through a minefield.

Recently though the Filter Functions have become a very popular method to validate data. This is due to their small learning curve.

How to use the Filter Functions

In this example (Using the filter_var() function) the filter function takes the data you input (For example: email@example.com) and will return either the data (if it’s valid) or false (if the data is not valid).

<?php
// Filter an Email Address
var_dump(filter_var('email@example.com', FILTER_VALIDATE_EMAIL)); // Returns: string(17) "email@example.com"

// This is a fake email being filtered.
var_dump(filter_var('fake_mail.com', FILTER_VALIDATE_EMAIL)); // Returns: bool(false)

var_dump(filter_var('ema(i)l@e\xample.com', FILTER_SANITIZE_EMAIL )); // Returns: string(17) "email@example.com"

// Filter a URL
var_dump(filter_var('example.com', FILTER_VALIDATE_URL)); // Returns: bool(false)

// Filter a URL
var_dump(filter_var('http://example.com', FILTER_VALIDATE_URL)); // Returns: string(18) "http://example.com"

// Example usage
$email = 'email@example.com'; // or something submitted from a form.
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ // If this returns false
	die('The email you send is invalid.');
}
?>

A handful of the useful available filters are:

• FILTER_SANITIZE_STRING – Removes HTML tags and possibly unwanted characters.
• FILTER_SANITIZE_EMAIL – Removes unwanted characters from an email address.
• FILTER_SANITIZE_URL – Removes unwanted characters from a URL.
• FILTER_SANITIZE_NUMBER_INT – Returns only digits,  + and -.
• FILTER_VALIDATE_INT – If data is not an integer it will return false.
• FILTER_VALIDATE_URL – If data is not a URL it will return false.
• FILTER_VALIDATE_EMAIL – If data is not an email it will return false.
• FILTER_VALIDATE_IP- If data is not an IP it will return false.

function shorten_url($url, $service=NULL){
		if($service== 'tinyurl'){return get_link('http://tinyurl.com/api-create.php?url='.urlencode($url));}
		elseif($service == 'urly'){return get_link('http://ur.ly/new.txt?href='.urlencode($url));}
		elseif($service == 'isgd'){return get_link('http://is.gd/api.php?longurl='.urlencode($url));}
		elseif($service == 'klam'){return get_link('http://kl.am/api/shorten/?format=text&url='.urlencode($url));}
		elseif($service == 'unu'){return get_link('http://u.nu/unu-api-simple?url='.urlencode($url));}
		else{return get_link('http://api.tr.im/v1/trim_simple?url='.urlencode($url));}
		return $url;
	}

	function get_link($url){
		if(function_exists('curl_init')){
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_VERBOSE, 1);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			//curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
			//curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_URL, $url);
			$result = curl_exec($ch);
			$resultArray = curl_getinfo($ch);
			if ($resultArray['http_code'] == 200){
				return $result;
			} else {
				return FALSE;
			}
			curl_close($ch);
		}elseif(ini_get('allow_url_fopen') == 1){
			return fopen($url, 'r');
		}
		return FALSE;
	}

/* Usage */
echo shorten_url('http://www.fullondesign.co.uk/');
// returns: http://tr.im/JPCz

<?php
echo realpath('../');
// Would return: /home/mike/www/blogposts
?>

How to make a great example?

Here is the code so you can shorten strings and check for potentially embrassing words.

<?php
// String Cleaner - Cleans words you don't want out of strings.

// Step 1 - Define the string and the words yoiu want to remove.
$string = 'this is my silly input how cool is it?';
$words_to_remove ='silly|my|eggs'; // Seperate words with | this is regular expression.

// Step 2 - shorten the string
$string = substr($string, 0, 23); // This with return the first 23 characters (including spaces) in the string.

// Step 3 - Remove the words
echo preg_replace('#\b('.$words_to_remove.')\b#is', '', $string); // This will remove the 

// This would return:
// this is input
?>