I was an extremely amateur php developer before I decided to jump on the rails train. Now, I can say that I am a pretty good rails developer, and have come to love many of the features it offers. Mainly, I LOVE how easy it is to query in rails. For example:
@records = Model.where('column_name = ? and column_name = ?', params[:something], params[:something2])
This is easy to do, and it even handles SQL injection. As much as I love rails, I am developing an app using PHP right now. I am at the point where I need to start putting a database together and begin querying it. So my question is, are there php libraries that work similar to rails queries? In other words, help with sql injection, ease of use, etc.? Any and all input would be appreciated.
PHP provides a library called PDO, built into the language, which does exactly what you’re asking: http://php.net/manual/en/book.pdo.php
What you’re asking about, by the way, is called “parameterised queries”.
In fact, even the MySQLi library can do it.
The one PHP library that can’t do it is the old MySQL library (i.e. functions like mysql_query() etc.). This library is considered obsolete and is no longer maintained. If you’re still using it (which I guess you probably are if you don’t know about PDO or MySQLi), then the PHP manual recommends switching to one of the other two libraries.
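The two-placeholder query from the question, written with PDO, as an added example that is not part of the original answer; a string-concatenated version sits beside it for contrast. It assumes the pdo_sqlite extension for an in-memory database, and the `records` table, its columns, the function names and the sample input are constructed for illustration.

```php
<?php
// Added example: PDO counterpart of the Rails where() call in the question.
// Assumes pdo_sqlite is available; schema and data below are constructed.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
// Throw exceptions on SQL errors instead of failing silently.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$pdo->exec('CREATE TABLE records (id INTEGER PRIMARY KEY, owner TEXT, status TEXT)');
$pdo->exec("INSERT INTO records (owner, status)
            VALUES ('alice', 'open'), ('bob', 'open'), ('alice', 'closed')");

/**
 * Parameterised query: the SQL text is fixed at prepare() time and the
 * values are bound separately, so they can never change the statement.
 */
function findRecords(PDO $pdo, string $owner, string $status): array
{
    $stmt = $pdo->prepare(
        'SELECT id, owner, status FROM records WHERE owner = ? AND status = ?'
    );
    $stmt->execute([$owner, $status]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

/**
 * Contrast only: the values are pasted into the SQL text, so quote
 * characters in the input become part of the WHERE clause.
 */
function findRecordsConcatenated(PDO $pdo, string $owner, string $status): array
{
    $sql = "SELECT id, owner, status FROM records
            WHERE owner = '$owner' AND status = '$status'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed input standing in for a request parameter.
$hostile = "x' OR '1'='1";

printf("normal lookup:        %d row(s)\n",
    count(findRecords($pdo, 'alice', 'open')));
printf("bound hostile value:  %d row(s)\n",
    count(findRecords($pdo, 'alice', $hostile)));
printf("concatenated hostile: %d row(s)\n",
    count(findRecordsConcatenated($pdo, 'alice', $hostile)));
```

With the bound version the hostile string is compared literally against the `status` column; with the concatenated version it alters which rows the filter returns.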