Yii includes a database access layer built on top of PHP's [PDO](http://www.php.net/manual/en/book.pdo.php). The database access objects (DAO) interface provides a
uniform API, and solves some inconsistencies that exist between different database applications. Whereas Active Record provides database interactions through models, and the Query Builder assists in composing dynamic queries, DAO is a simple and efficient way to execute straight SQL on your database. You'll want to use DAO when the query to be run is expensive and/or no application models--and their corresponding business logic--are required.
By default, Yii supports the following DBMS:
-[MySQL](http://www.mysql.com/)
-[MariaDB](https://mariadb.com/)
-[SQLite](http://sqlite.org/)
-[PostgreSQL](http://www.postgresql.org/)
-[CUBRID](http://www.cubrid.org/): version 9.3 or higher. (Note that due to a [bug](http://jira.cubrid.org/browse/APIS-658) in
the cubrid PDO extension, quoting of values will not work, so you need CUBRID 9.3 as the client as well as the server)
You may access the primary `db` connection via the expression `\Yii::$app->db`. You may also configure multiple
DB connections in a single application. Simply assign different IDs to them in the application configuration:
```php
return[
// ...
'components'=>[
// ...
'db'=>[
'class'=>'yii\db\Connection',
'dsn'=>'mysql:host=localhost;dbname=mydatabase',
'username'=>'root',
'password'=>'',
'charset'=>'utf8',
],
'secondDb'=>[
'class'=>'yii\db\Connection',
'dsn'=>'sqlite:/path/to/database/file',
],
],
// ...
];
```
Now you can use both database connections at the same time as needed:
```php
$primaryConnection=\Yii::$app->db;
$secondaryConnection=\Yii::$app->secondDb;
```
If you don't want to define the connection as an [application component](structure-application-components.md), you can instantiate it directly:
```php
$connection=new\yii\db\Connection([
'dsn'=>$dsn,
'username'=>$username,
'password'=>$password,
]);
$connection->open();
```
> Tip: If you need to execute an SQL query immediately after establishing a connection (e.g., to set the timezone or character set), you can add the following to your application configuration file:
Once you have a database connection instance, you can execute SQL queries using [[yii\db\Command]].
### Running SELECT Queries
When the query to be executed returns a set of rows, you'll use `queryAll`:
```php
$command=$connection->createCommand('SELECT * FROM post');
$posts=$command->queryAll();
```
When the query to be executed only returns a single row, you'll use `queryOne`:
```php
$command=$connection->createCommand('SELECT * FROM post WHERE id=1');
$post=$command->queryOne();
```
When the query returns multiple rows but only one column, you'll use `queryColumn`:
```php
$command=$connection->createCommand('SELECT title FROM post');
$titles=$command->queryColumn();
```
When the query only returns a scalar value, you'll use `queryScalar`:
```php
$command=$connection->createCommand('SELECT COUNT(*) FROM post');
$postCount=$command->queryScalar();
```
### Running Queries That Don't Return Values
If SQL executed doesn't return any data--for example, INSERT, UPDATE, and DELETE, you can use command's `execute` method:
```php
$command=$connection->createCommand('UPDATE post SET status=1 WHERE id=1');
$command->execute();
```
Alternatively, you can use the dedicated `insert`, `update`, and `delete` methods. These methods will properly quote table and column names used in your query, and you only need to provide the necessary values:
[[Ought to put a link to the reference docs here.]]
In the code above, `[[$column]]` will be converted to a properly quoted column name, while `{{table}}` will be converted to a properly quoted table name.
There's a special variant on this syntax specific to tablenames: `{{%Y}}` automatically appends the application's table prefix to the provided value, if a table prefix has been set:
To securely pass query parameters to your queries, you should make use of prepared statements. First, create a named placeholder in your query (using the syntax `:placeholder`). Then bind the placeholder to a variable and execute the query:
```php
$command = $connection->createCommand('SELECT * FROM post WHERE id=:id');
$command->bindValue(':id', $_GET['id']);
$post = $command->queryOne();
```
Another purpose for prepared statements (aside from improved security) is the ability to execute a query multiple times while preparing it only once:
```php
$command = $connection->createCommand('DELETE FROM post WHERE id=:id');
$command->bindParam(':id', $id);
$id = 1;
$command->execute();
$id = 2;
$command->execute();
```
Notice that you bind the placeholder to the variable before the execution, and then change the value of that variable before each subsequent execution (this is often done with loops). Executing queries in this manner can be vastly more efficient than running each query one at a time.
Performing Transactions
-----------------------
When running multiple, related queries in a sequence, you may need to wrap them in a transaction to
protect your data's integrity. Transactions allow you to write a series of queries such that they'll all succeed or have no effect whatsoever. Yii provides a simple interface to work with transactions in simple
cases but also for advanced usage when you need to define isolation levels.
The following code shows a simple pattern that all code that uses transactional queries should follow:
```php
$transaction = $connection->beginTransaction();
try {
$connection->createCommand($sql1)->execute();
$connection->createCommand($sql2)->execute();
// ... executing other SQL statements ...
$transaction->commit();
} catch(\Exception $e) {
$transaction->rollBack();
throw $e;
}
```
The first line starts a new transaction using the [[yii\db\Connection::beginTransaction()|beginTransaction()]] method of the database connection
object. The transaction itself is represented by a [[yii\db\Transaction]] object stored in `$transaction`.
We wrap the execution of all queries in a try-catch block to be able to handle errors.
We call [[yii\db\Transaction::commit()|commit()]] on success to commit the transaction and
[[yii\db\Transaction::rollBack()|rollBack()]] in case of an error. This will revert the effect of all queries
that have been executed inside of the transaction.
`throw $e` is used to re-throw the exception in case we can not handle the error ourselves and delegate it
to some other code or the Yii error handler.
It is also possible to nest multiple transactions, if needed:
```php
// outer transaction
$transaction1 = $connection->beginTransaction();
try {
$connection->createCommand($sql1)->execute();
// inner transaction
$transaction2 = $connection->beginTransaction();
try {
$connection->createCommand($sql2)->execute();
$transaction2->commit();
} catch (Exception $e) {
$transaction2->rollBack();
}
$transaction1->commit();
} catch (Exception $e) {
$transaction1->rollBack();
}
```
Note that your DBMS should have support for Savepoints for this to work as expected.
The above code will work for any DBMS but transactional safety is only guaranteed if
the underlying DBMS supports it.
Yii also supports setting [isolation levels] for your transactions.
When beginning a transaction it will run in the default isolation level set by your database system.
You can specifying an isolation level explicitly when starting a transaction:
