Why shouldn't I use mysql_* functions in PHP?

The mysql_* functions in PHP are deprecated, meaning that they are no longer recommended for use and will likely be removed in a future version of PHP. Instead, you should use the mysqli_* functions or the PDO_MySQL extension. These newer functions are more efficient and provide better security features.

One of the main reasons to avoid the mysql_* functions is that they are vulnerable to SQL injection attacks. SQL injection is a type of security vulnerability that allows an attacker to execute arbitrary SQL code on your database server. The mysqli_* and PDO_MySQL extensions both provide better protection against SQL injection by using prepared statements and parameterized queries.

Watch a course Learn object oriented PHP

In summary, it is generally a good idea to avoid using the mysql_* functions in PHP in favor of the mysqli_* functions or PDO_MySQL extension. This will help ensure that your code is more secure and efficient, and will be more compatible with future versions of PHP.