Compare the old MySQL way of doing things:
$productsRS = mysql_query('SELECT * FROM products WHERE Code="' . $productcode . '"');
while($productsRow = mysql_fetch_assoc($productsRS)) {
echo '<p>' . $productsRow['Code'] . '</p>';
// etc
}
With the MySQLi way:
$stmt = mysqli_prepare($link, 'SELECT Code, Category, SubCategory, Manufacturer, ShortDescription, LongDescription, WholesalePrice, RetailPrice, Weight, Size, Colour, TaxRate, ShippingCode, OnSale FROM products WHERE Code=?');
mysqli_stmt_bind_param($stmt, 's', $productcode);
mysqli_stmt_execute($stmt);
$productsRow = array();
mysqli_stmt_bind_result($stmt, $productsRow['Code'], $productsRow['Category'], $productsRow['SubCategory'], $productsRow['Manufacturer'], $productsRow['ShortDescription'], $productsRow['LongDescription'], $productsRow['WholesalePrice'], $productsRow['RetailPrice'], $productsRow['Weight'], $productsRow['Size'], $productsRow['Colour'], $productsRow['TaxRate'], $productsRow['ShippingCode'], $productsRow['OnSale']);
while (mysqli_stmt_fetch($stmt)) {
echo '<p>' . $productsRow['Code'] . '</p>';
// etc
}
Looks like a heap more lot of coding to me!
The reason I want to stick to using associative arrays is because I’ve got a pile of code that already uses them (every tutorial used to recommend using them) and I just want to change the database functions without having to change lots of other code.
Don’t get me wrong, I really want to use prepared statements as I can see that they’re much more secure and could run faster (in some circumstances), but it just seems like a step backwards to me.
Someone has pointed out to me the mysqli_stmt_get_result() function, which can then be used in the mysqli_fetch_array() function to return an associative array. This would be ideal but unfortunately my host is still running PHP 5.2.17 and mysqli_stmt_get_result() is only available from PHP 5.3.0 onwards. So it looks like the PHP guys realised that they needed to provide this functionality and did so in a later version.