Right, but you should get rid of mysql queries as soon as possible.
Also mysqli supports bind params as well php.net/manual/ro/mysqli-stmt.bind...
For large projects, the bind parameter requires you to go to every file on your project and change the code to make it use bind_parameter, but this way all you need to do is to change your header file once for all of the project files and all of your code are secured from SQLi.
What is a header file?
The header file is the mail file which his included on all of your code files.
like head.php or up.php in some CMSes.
This header file runs on every request to your website.
I hope you got it.
Ok. You mean like a global config. I thought you meant like the classic beginner style "header.php" that contains all of the config code and database connection and html of the website layout html > head > body > header id=header