Native prepared statements: are they this limited?

An informative-sounding blog post from 2006 states these facts about using native prepared statements in PDO:

  1. Native prepared statements cannot take advantage of the query cache, resulting in lower performance.
  2. Native prepared statements cannot execute certain types of queries, such as "SHOW TABLES".
  3. Native prepared statements don't correctly communicate column lengths for certain other "SHOW" queries, resulting in garbled results.

How much of this is still true today?

No, this is not true if you are using a recent MySQL version. At least for the most part.

  1. Prepared statements make use of the query cache since MySQL 5.1.17.

  2. Nearly all SQL statements can be run as prepared statements. You can find a list in the MySQL docs. SHOW TABLES in particular is not in that list, but in all honesty, have you ever used that SQL statement from PHP?

  3. I don't know anything about that, but I'd assume that it is fixed.

Don't forget that the emulation of prepared statements is not encoding-safe and as such may (depending on the exact condition) still allow SQL injections.

  1. False. As of MySQL 5.1.17 the query cache works with prepared statements.
  2. Why would you need to prepare a statement to do a SHOW TABLES?
  3. Can you cite a source for that? I've personally not had any issues.