It's not a matter of preference: it's a matter of secure or insecure. The mysql extension for PHP doesn't support prepared statements and as such is inherently less secure than any other mechanism for working with MySQL (The mysqli extension and PDO being the two alternatives for PHP). But losvedir's point is that the number of tutorials that use the mysql extension's API far outweighs the number of tutorials that use PDO or mysqli, and that those tutorials are often very poor quality (ie: contain SQLI).