$host = "localhost";$username ="user";$password = "password";$db = "db";

1. $host = "localhost";
2. $username ="user";
3. $password = "password";
4. $db = "db";
5. $charset="utf8";
6. //old
7. mysql_connect($host,$username,$password) or die("failed to connect");
8. mysql_select_db($db) or die("db not exists");
9. mysql_query("SET NAMES '".$charset."'") or die("failed to set collation");
10.  
11. //new
12. try{
13. $dsn = sprintf("mysql:host=%s;dbname=%s;charset=%s",$host,$db,$charset);
14. $pdo = new PDO($dsn,$username,$password);
15. $pdo->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
16. }catch(PDOException $e){
17. die($e->getMessage());
18. }
19.  
20.  
21. //old
22. $sql = "SELECT * FROM table WHERE foo = '".mysql_real_escape_string($_GET['foo'])."'";
23. $result = mysql_query($sql) or die("failed to execute sql ".mysql_error());
24. while($row = mysql_fetch_assoc($result)){
25. echo $row['field1'];
26. }
27.  
28. //new
29. $sql = "SELECT * FROM table WHERE foo = ".$pdo->quote($_GET['foo']);
30. try{
31. $statement = $pdo->query($sql);
32. }catch(PDOException $e){
33. die("failed to execute sql ".$e->getMessage());
34. }
35.  
36. while($row = $statement->fetch(PDO::FETCH_ASSOC)){
37. echo $row['field1'];
38. }