The answer is one: we should not use functions of the "mysql" extension because its development has been discontinued ; the extension has become obsolete , meaning code that uses these functions will not work in future versions of PHP .
A user of the Stack Overflow website wrote:
There is no security problem with the library itself, but rather with library users ) .
Voting to discontinue ( deprecate ) or not resulted in 25 votes in favor and 12 votes against . It was a good majority, but it was not a unanimous decision. See the official source .
In this same source, another developer wrote:
The extension is not broken. The problem is the bad usage. ( Extension has no defects.) The problem is the misuse It can be used safely, and good developers have been doing this for years.)
The quote below, also from that same official document, points to the true reasons for discontinuing the extension:
ext / mysql is hard to maintain code. It is not getting new features.
Keeping it up to date for working with new versions of libmysql or
mysqlnd versions is work, we probably could spend that time better.
(The mysql extension contains code that is difficult to maintain.
receiving new features. Keep it up-to-date to work with
new versions of libmysqld and mysqlnd are laborious; we could
be using this time better.)
In other words: " Why have a job to keep this old code? " - for as new versions of MySQL (and its "client libs" ") are released, the extension needs to be updated ...
... and in addition there are already the extensions mysqli (most modern) and the PDO alternative ... so ... why keep on keeping? Let's discontinue? There, 25 voted "yes", 12 voted "no", and the decision was made.
When I started with PHP there was no PDO extension. I used the "mysql" extension, like most, until I worked on a project using "mysqli" and learned the advantages, and have always preferred it since.
Soon after, I wrote a couple of classes that extend the originals of the mysqli extension, and I use them to this day in pure PHP, ie when I'm not using a framework like Laravel, with its "Fluent" and its "Eloquent", Symfony with "Doctrine", etc ...
For me, accustomed to the little details of preparing "LIKE" clauses, the "black box" of these "prepared statements", "Active Record" or "ORM" was viewed with suspicion. This phase has passed, and today I am a fan of Eloquent that comes with Laravel 4 ...
After posting all of the above, I felt it necessary to stress the importance of the " not getting new features " factor in the decision to discontinue the extension. That means: although it is the fastest (best performance) in the execution of simple tasks, it lacks the full range of functionalities that the alternative extensions (mysqli and PDO) contain ( transactions , SSL support etc ) - a point that was highlighted in other answers here.