## The often-overlooked `mysqli_query()` function in PHP

The `mysqli_query()` function is a powerful tool for interacting with MySQL databases in PHP. It allows you to execute SQL queries and retrieve the results. Despite its importance, `mysqli_query()` is often overlooked in favor of more commonly used functions like `mysql_query()`. However, `mysqli_query()` offers a number of advantages over its predecessor, including improved security and performance.

### Syntax

The syntax for `mysqli_query()` is as follows:

“`php
mysqli_query(mysqli $link, string $query [, int $resultmode]) : mixed
“`

The following parameters are required:

* `$link`: A valid MySQLi connection resource, created with `mysqli_connect()`.
* `$query`: The SQL query to be executed.

The following parameter is optional:

* `$resultmode`: A constant that determines how the results of the query are returned. The default value is `MYSQLI_STORE_RESULT`.

### Return value

The `mysqli_query()` function returns a `mysqli_result` object on success, or `FALSE` on failure.

### Usage

To use `mysqli_query()`, simply pass a valid MySQLi connection resource and an SQL query to the function. The following example shows how to execute a simple SELECT query:

“`php
$link = mysqli_connect(“localhost”, “my_user”, “my_password”, “my_db”);

$result = mysqli_query($link, “SELECT * FROM my_table”);

if ($result) {
// Process the results
}
“`

The `mysqli_query()` function can also be used to execute more complex queries, such as those that use parameters or multiple statements. For example, the following query uses a prepared statement to insert a new row into a table:

“`php
$link = mysqli_connect(“localhost”, “my_user”, “my_password”, “my_db”);

$stmt = mysqli_prepare($link, “INSERT INTO my_table (name, email) VALUES (?, ?)”);

mysqli_stmt_bind_param($stmt, “ss”, $name, $email);

$name = “John Doe”;
$email = “john.doe@example.com”;

mysqli_stmt_execute($stmt);

mysqli_stmt_close($stmt);
“`

### Advantages over `mysql_query()`

The `mysqli_query()` function offers a number of advantages over the older `mysql_query()` function, including:

* Improved security: `mysqli_query()` uses prepared statements by default, which helps to prevent SQL injection attacks.
* Enhanced performance: `mysqli_query()` uses a more efficient query engine than `mysql_query()`, which can result in faster execution times.
* Better error handling: `mysqli_query()` provides more detailed error messages than `mysql_query()`, making it easier to troubleshoot problems.

### Conclusion

The `mysqli_query()` function is a powerful and versatile tool for interacting with MySQL databases in PHP. It offers a number of advantages over the older `mysql_query()` function, including improved security, performance, and error handling. If you are working with MySQL databases in PHP, I encourage you to use `mysqli_query()` instead of `mysql_query()`.