The beauty of prepared statements is that you can use them more than once with different parameters. They are called prepared statements because the database engine partially processes the command itself (without the parameter values) before you actually set the values and run the query. This provides a massive speed benefit.
In your case the first two queries seem necessary but the next two are the exact same thing. Prepare a statement with what you need to be run over and over, use some control structure to continually set the parameters to their next value then run the query.
A more generic example of what I'm talking about
PHP Code:
$arr=array('a','b','c','d','e','f');
$DBLink= new mysqli("localhost", "user", "password", "database");
//Bad way
$DBlink->query("
INSERT INTO table VALUES ($arr[0]);
INSERT INTO table VALUES ($arr[1]);
INSERT INTO table VALUES ($arr[2]);
INSERT INTO table VALUES ($arr[3]);
INSERT INTO table VALUES ($arr[4]);
INSERT INTO table VALUES ($arr[5]);
INSERT INTO table VALUES ($arr[6]);
");
//Better code, but the same thing as above.
foreach($arr as $v{
$DBlink->query("INSERT INTO table VALUES ($v)");
}
//Best way
$insertLetters= $DBlink->prepare("INSERT INTO table VALUES (?)");
foreach($arr as $v{
$insertLetters->bind_param('s',$v);
$insertLetters->execute();
}