Broad Network


Free to Download

A MySQL API with High Security

Foreword: You can freely download the Pure PHP MySQL API that comes with high security, below.

By: Chrysanthus Date Published: 19 Jan 2018


PurePHP stands for Pure PHP, meaning PHP software, which does not wrap over C functions. MySQL is a database server that is used to produce databases. API stands for Application Programming Interface. API is software that is placed between two other software and facilitates communication between the two other software. The API here has been written in PurePHP. The PurePHP MySQL API is a library. It was written to provide convenience in installation and convenience in usage and also security, which the equivalent libraries out there cannot provide.

Important politicians' email can be hacked; until you now have ransome-ware. So, you can no longer afford to take any risk. Block it!
You might have opened a social network page and saw information that was not meant for you. That is a big opening for hacking. The MySQL protocol does not provide any mechanism to prevent two or more people from sharing the same connection.
However, the free PurePHP MySQL API stops two or more people from sharing the same connection. Now, block the opening (insecurity) by downloading the free PurePHP MySQL API (below).

Internal Security
In writing the library, the following leaks (cheats) were sealed (prevented) as illustrated:
- In comparisons both the value and value type were taken into consideration.
- === was used instead of == where 0, '0', null, '', false or 1, -1, '1', '-1', 'php', true were concerned.
- Arguments to functions and function return values where used consistently and checked where necessary.
- Inputs from the user were validated.
- require_once() was used instead of include_once().
- Error cheking was thorough.
- Any array was used either as index array or associative array (not both).
- Any calculation that had only integers, was separated from calculation that had both integers and floats.
- The library has been written for php.ini at its default state.
- Unhelpful built-in functions, such as addslashes, were not used.
- After installation, please set all the API files as executable-only (use .htaccess if necessary).

PurePHP MySQL API is better than MySQLi in the sense that it is easier to use, has fewer functions, sealed all known leaks, and does not allow more than one person using the same computer server to share the same connection. It is also better than PDO in the sense that it is easier to use (without preceding any function with object or class name), has fewer functions, and does not allow more than one person using the same computer server to share the same connection.

The API has the following variables, as you will use in your script.

This will hold any error message developed from a query or some other command. The message is for the last issued command or query.
This will hold an OK (success) message, if present; or any other message, if present. The message is for the last issued command.
This will hold the number of warnings the last issued command (or query) has generated.
This is the number of records changed by a command.
This is the last auto-incremented ID of an Insert command, where applicable.
This is an index array of associative arrays that will hold the result set, for queries of the SELECT nature.
This is an array similar to $Result, but it is an index array of index arrays, to economize memory.

This will hold the database name for a result set
This will hold column properties like table names and column names for a result set. It is a two-dimensional array, where one row is for one column.
This will hold the number of rows of a result set.
This will hold the number of columns of a result set.

The function syntaxes as you will use in your script, and their meanings, are given below. On success a function returns true; on failure it returns false. Any error message or other message is got from the appropriate variable above.

The connect("username", "password", "domain_name", port) Function
This function connects the client software to the server software.

If the domain_name has but the 8 number IP address, then the syntax becomes:

    connect("username", "password", "1021:458:0:1234:0:567:8:1", port)

where you actually type the IP address in place of the domain_name.

The select_db("database_name") Function
This function selects a new database for the client.

The query("SQL_stmt") Function
This function takes one argument. The argument is a string, which is a MySQL SQL statement without the ending semicolon. Very many different types of SQL statement can be the argument. The result set returned is held in $Result.

The query_num("SQL_stmt") Function
This function is the same as the query() function, but the result set returned is held in $Result_Num and not $Result, to economize memory.

The stats() Function
This function gets a human readable string of internal statistics, with a list of active threads.

The ping() Function
This function reports whether the server is alive and reachable.

The shutdown() Function
This function can be used by the client who has the shutdown privilege to shutdown the MySQL server.

The close() Function
This function is used to close the connection.

The prepare($string) Function
To prepare a statement; e.g.
$ins = "INSERT INTO pet (name, owner, species, sex, birth, death) VALUES (?,?,'cat','f','2009-03-30',NULL)";


The stmt_reset()
Can be used to reset the prepared statement.

The execute($values)
To execute the previous prepared statement; e.g.


The send_long_value("the long value", placeHolderIndex)
Use this function, before execute().

The stmt_close()
This closes the prepared statement and frees resources at the server.

Maximum Packet Size: unlimited

Stored Procedure and Multiple Statement
Stored Procedure or Multiple statements separated by semicolons, in a query
- query("multi_stmts")
- is supported.

PurePHP MySQL API supports transactions.
- query("transaction_stmts")

Supported; see:
Compressed Data Values with PurePHP MySQL API in the series, Using the PurePHP MySQL API .
Compressed SQL Statements with PurePHP MySQL API in the series, Using the PurePHP MySQL API .

Supported; see:
SSL and TLS with PurePHP MySQL API in the series, Using the PurePHP MySQL API .

Asynchronous Replication
Supported; see:
Asynchronous Replication with PurePHP MySQL in the series, Using the PurePHP MySQL API .

Usage the API
The API is easy to use. You can learn how to use it freely at:

    Using the API

Discussion Group
The discussion group for this software is at:

    Coding by Hand

You may have to register, free, first.

The downloaded library is in a zipped directory. You download it and you unzip it. You will then see the file, Mysql.php, Mysqlcom.php, and the directory, Mysql.

Installation is easy: copy the files, Mysql.php, Mysqlcom.php and the directory, Mysql to the directory, where you have your PHP scripts. That is all! Just begin your PHP scripts with:


You can use it in your commercial website. Assume your PHP scripts in your commercial website are in different directories. After unzipping, place Mysql.php, Mysqlcom.php and the directory, Mysql in one directory of your choice. Just begin all your PHP scripts with:


assuming the URL of the directory of your choice is:

With that you no longer need the API offered by your host company, which is probably not as secured as this PurePHP MySQL API.

You can begin to use the API (functions and variables). Begin work!

The library is free of charge. After reading the agreement, download it at the following link:


Related Links

Using the PurePHP MySQL API
Pure PHP Mailsend - sendmail
More Related Links
Basics of PHP with Security Considerations
PurePerl MySQL API
Perl Mailsend



Become the Writer's Follower
Send the Writer a Message