Changing this from MySQL to MySQLi? [closed]

Answer 1

Here's what you need to do:

1. Read the overview so that have an understanding of the differences/advantages.

2. Consult the old -> new function summary on the PHP site and get your existing code up and running with the mysqli interface.

3. Take advantage of the improvements (such as using prepared statements) otherwise this is a futile exercise. (By default mysqli really isn't any more secure than mysql.)

Answer 2

One of the reasons MySQLi is more "secure" is because it offers a different interface, which is better in many ways. Instead of trying to translate your code directly, learn the new interface and use it. If that's all your code, it wouldn't be easy to rewrite from scratch, and which is more important, look up the equivalents (and alternatives) for everything you're doing in the code that you pasted.

For starters, you should use $mysqli->prepare with parameters instead of interpolating variables like you're doing.

http://www.php.net/manual/en/mysqli.prepare.php