Mysqli prepared statement (SQL injection prevention)

Question

after stopping the use of deprecated mysql_* functions, I switched to mysqli. But then, I noticed that non-prepared statements are non-secure against SQL injection. Then, I

Answer 1

Take a look at this post:

Are PDO prepared statements sufficient to prevent SQL injection?

It's using PDO instead of MySQLi, which is solving the same problem by creating prepared statements.

Sorry for not answering your question, but just wanted to provide a resource for you to consider.