What are the potential security risks of using "mysql" instead of "mysqli" in PHP code?

Using "mysql" instead of "mysqli" in PHP code can pose security risks as the "mysql" extension is deprecated and lacks important security features such as prepared statements and parameterized queries. This can make your code vulnerable to SQL injection attacks. To mitigate these risks, it is recommended to use the "mysqli" or PDO extension in PHP for interacting with MySQL databases.

// Connect to MySQL using mysqli extension
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database";

$conn = new mysqli($servername, $username, $password, $dbname);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}