Are there any security considerations to keep in mind when using PHP to interact with databases for form submissions?

// Establish database connection
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database_name";

$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

// Prepare a SQL statement with parameters
$stmt = $conn->prepare("INSERT INTO table_name (column1, column2) VALUES (?, ?)");
$stmt->bind_param("ss", $value1, $value2);

// Set parameters and execute
$value1 = $_POST['input1'];
$value2 = $_POST['input2'];
$stmt->execute();

// Close statement and connection
$stmt->close();
$conn->close();