Last Updated: July 15, 2025
Syntax Basics
| Element | Syntax |
|---|---|
| PHP Tags | <?php ... ?> |
| Variables | $name = "value"; |
| Constants | define("NAME", "value"); |
| Concatenation | $full = $first . " " . $last; |
| String Interpolation | "Hello, $name" |
Arrays
| Type | Example |
|---|---|
| Indexed | $arr = [1, 2, 3]; |
| Associative | $arr = ["key" => "value"]; |
| Multidimensional | $arr = [["a", "b"], ["c", "d"]]; |
| Array functions | count(), array_push(), array_merge(), array_filter() |
Functions & OOP
| Feature | Syntax |
|---|---|
| Function | function greet($name) { return "Hi $name"; } |
| Class | class User { public $name; function __construct($n) {$this->name = $n;} } |
| Inheritance | class Admin extends User { } |
MySQL Connection (PDO)
$pdo = new PDO("mysql:host=localhost;dbname=test", $user, $pass);Connect with PDO — use prepared statements
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");Prepared statement prevents SQL injection
$stmt->execute([$id]); $row = $stmt->fetch();Execute with bound parameters
Pro Tip: Always use PDO with prepared statements — never concatenate user input into SQL queries. mysqli_real_escape_string() is NOT enough. PDO prepared statements are the only safe way.