There is a bug in one version of php and or mysqli that causes prepared statements to not work properly. Prepared statements uses built in mysql functionality to prevent SQL injection. When you turn it off, it uses a webassist version of SQL Injection protection in its place.
It really shouldn't make a difference. In fact the recordset should run a little faster.