Just a question here - but is PDO really more secure than mysqli, if so how?
It’s not a question of security between prepared queries in PDO and mysqli, (true prepared queries are equally secure in both), but one of simplicity and consistency with the PDO extension over the mysqli extension.
There’s also an added benift if you ever have to use a non-MYSQL database the likelihood is you can still use PDO; whereas, you will be SOL with mysqli.
That’s what I thought, If you are happy with procedural and only use Mysql then mysqli is fine, there is no reason to change. PDO is not more secure and you do not need to change for security reasons! I just keep seeing advice in posts - change to PDO it is more secure ! which is basically wrong info
You seem to have had this question before. Please reread the replies already given - PDO or MySQLI