That’s all you need to do the equivalent in MYSQLi too. In both cases you need a second statement to load the value into $row.
mysql example:
$sql = 'SELECT itemname FROM bar WHERE id = 42';
$result = mysql_query($sql, $link);
while ($row = mysql_fetch_assoc($result)) {
echo $row['itemname];
}
mysqli equivalent example:
$sql = 'SELECT itemname FROM bar WHERE id = 42';
$result = $link->query($sql);
while ($row = $result->fetch_assoc()) {
echo $row['itemname'];
}
Almost no difference at all. It is only once you implement prepare statements in order to eliminate any possibility at all of injection that the mysqli becomes slightly more complicated and you get rid of all the escaping at the same time so that’s not much different in the amount of code either but a lot more secure.