1: Prepared statements filter the variables. This helps reduce the SQL Injection attack surface.
2: If you are in a loop, creating the prepared statement outside of the loop and then just changing the variable is faster. Now, this brings up the question, why are yo doing SQL in a loop. But that is a different problem to solve. ?
@NogDogauthorSep 14.2016 — #Just wanted to point out that I wasn't asking a question, just making an excuse to post a link to a possibly humorous, related image. ?