mysqli_query($conn, $sql) or $conn->query($sql)

Ashwin K Joseph picture Ashwin K Joseph · Feb 5, 2017 · Viewed 15.5k times · Source

I am new to web Development, I am currently not using any frameworks.

Till now, I was using mysqli_query($conn, $sql) to send a query to the MySQL server.

Recently I read another technique which use $conn - > query($sql).

I know that $conn->query($sql) is the OOP way of sending query and mysqli_query($conn, $sql) is the procedural method.

I haven't learned Object Oriented PHP yet However, I am going to learn it soon before moving onto a framework.

Could someone tell me the advantages of using $conn->query($sql) over the mysqli_query($conn, $sql)? Is it more secure? Is there something else to it?

I know OOP is better than Procedural, but I'd like to know the main advantages, from the point of Security(mainly)!

Answer

Your Common Sense picture Your Common Sense · Feb 5, 2017

Neither.

Three points to get it straight:

  1. There is noting much to "learn". The object syntax is as silly as it seems: just an arrow to access a method or a property. Surely you already go it.
  2. Second option just gets you less typing:

    mysqli_query($mysqli, $query);
    vs.
    $mysqli->query($query); 
    
  3. Either way you should be using PDO, not mysqli

I know OOP is better than Procedural

This is just irrelevant here. Do not confuse Object Oriented Programming with object syntax. The former is a very complex topic, which takes years to learn and you are not nearly going to get it soon. While object syntax is just a syntax - no more no less. Nothing too complicated to worry about, nor any dramatical benefits either