I have little php code for daily audit transaction.I make simple to get the point.

$result = mssql_query("BEGIN TRAN");    
$result = mssql_query("insert into items_history (select * from items)");   //move transaction to history
$result = mssql_query("delete * from items)");                                  //clear transaction table for new month transaction
$result = mssql_query(                                                          //get the data for used in another script 
            "select items_history.item_id,
                items_history.item_name,
                group_items.group_name 
            from 
                items_history,group_items 
            where group_items.id=items_history.id and 
                day(items_history.date_trans)=day(items_history.date_trans)-1 "                     // whit where include 
            );
$result = mssql_query("update trans_control set current_day=current_day+1"  };  //update the system date to next day

if (!$result) {
     mssql_query("ROLLBACK TRAN");
    } else {
     mssql_query("COMMIT TRAN");
    }
mssql_close();

For some reason, this database need to store online with mysql database.
in offline, i am not much wory about secure with this code. But in online, it make me think allot about secure.
And now i want to convert this script in to PDO MySql.
the goal is simple with more secure:

$result = q("BEGIN");   
$result = q("qry1");
$result = q("qry2");
$result = q("qry3");// select with many join table and some parameter data in where like 'string','int', 'date', and maybe with "Union All" in select
$result = q("qry..."};

if (!$result) {
     q("ROLLBACK");
    } else {
     q("COMMIT");
    }

If another question have problem same like this. I am glade to start with that, specially simple wrapper, so i can learn how it work.
thank you to before.