why MySQLi prepared statements? -

what advantages of using prepared statements mysqli?

if purpose secure query, isn't better clean query using mysqli_real_escape_string instead of writing many lines of code each query (like prepare, bind_param, execute, close etc.)?

preparing statements not code security. helps sql server parse statement , generate execution plan query.

if run select 1000 times sql server have parse, prepare, , generate plan on how data 1000 times.

if prepare statement run prepared statement 1,000 times each different bound values statement parsed once , same query plan used each time.

this helps not when run 1,000 queries inside script if have 1 statement , run script 1,000 times. server can remember plan server side. next time script runs use same plan again.

sure may seem trivial 1 or 2 queries when start executing large numbers of queries or same query repeatedly save lot of processing time.