PHPLOVER PHPLOVER - 2 months ago 14
MySQL Question

MySQLi Prepared Statements?

I have decided to take the plunge into the improved MySQL by using MySQLI .

Problem is I cannot find any in-depth yet simple tutorials online. The ones I have found are very short and or does not really explain anything. I know you have the PHP website but to tell you the truth it is really not a easy tutorial to follow, it's a manual and it's confusing for most of the time.

Does anyone know of any good tutorials for a MySQLI newbie? I know the normal MySQL but nothing about MySQLI. I also need tutorials on how you fetch data etc using using mysqli etc as I am not sure if it differs with MySQLi ?

Also can someone tell me why is it that people say you don't have to use

mysql_real_escape_string()
with MySQLI yet they have a MySQLI version as:
mysqli_real_escape_string()
? - I am very confused about this and want to ensure I understand and get this right.

Although I understand there are performance gains etc with MySQLI for me personally my main purpose to switching is to avoid SQL injections, as I have been reading SQL injections are a thing of the past with MySQLI yet I am not sure if that's true, especially since I found a mysqli_real_escape_string() for use with MySQLI.

Some video tutorials would be great to if anyone know of any on top of written tutorials, I find video tutorials more easier to understand when someone is speaking as they are typing and explaining things.

Answer Source

I found these two articles very helpful:

Also, to learn about MySQL prepared statements in general:


About the function mysqli_real_escape_string(), I think they have it for when you are using Mysqli, but not the prepared statements. Because it's not mandatory to use them in order to use Mysqli, actually in some cases they are not advised.

I don't know about a video tutorial, but I hope this is helpful.