Proper MySQLi parameterized query syntax from http://php.net/manual/en/mysqli.quickstart.prepared-statements.php:
$stmt = $mysqli->prepare(\"INSERT INTO test(
MYSQLi
doesn't support named parameters for two main reasons:
PDO
, does - and there is no point re-inventing the wheel To elaborate on point 1: mysqli
, despite its many downfalls when compared to PDO
, becomes easily comparable with a good wrapper - that is, named parameters (among others) are supported by the wrapper rather than mysqli
itself. This is by design for one sole reason:
Mysqli
is designed to be a fast and flexible library. If the developers incorporated many more features into the base library, it becomes, counter intuitively, less flexible and requires longer load/execution times.
Both mysqli
and pdo
were released with PHP 5 (PDO with version 5.3, I believe) and as such are intended for different uses.
You want faster execution times? use mysqli
without a wrapper. You want named parameters? use PDO
or build a mysqli
wrapper to handle such - but be warned, this will hinder your execution times.
MySQLi, traditionally, is a very thin wrapper for the MySQL API. It doesn't add anything on its own and for a reason: adding such features as named placeholders will require, if you think of it, a whole leviathan of SQL query parsing. Definitely, it is not a job for a database API. Like it is said in the other answer, API is not a DAL or DBAL; they serve for different purposes.
PDO was a great feat you hardly would see again in the language and Wes Furlong is a genius who undertook the task almost single-handedly. But again, PDO is a different story. It's a database access abstraction layer, and to achieve this goal you need a query parser, like it or not. And as you already have a query parser and one of drivers already supports named placeholders, it would be natural to add it to all supported drivers. As you can see, with MySQLi it is all different.
To put it short, it is not about "laziness"; it is about following the specification.