Leaving aside the benefit for security, does mysqli prepared statements have any performance benefit?
As I understand it, the prepare stores the query in parsed form at the database server, and when doing execute, then only the data for any values are passed from script to database.
Direct benefit would be that the database only need to parse SQL once, and that less bytes (only the values) are sent on each query.
However, is this not only a benefit if the query is executed repeatedly inside the script, or does MySQL store the prepared statement between requests? If so, for how long?