Placeholders are the only way to deal with this matter, to avoid the Bobby Tables problem. (The cartoon on the front page of the site at this link says it all.)
What if the value that made it into $count ... by whatever means ... consisted of: “23); DROP TABLE arabic_corpus;”?? If your application connects to the database with a user-id powerful enough to issue a DROP TABLE statement and have it “stick,” your table is now gone. (And unfortunately, many applications built by lazy programmers simply connect with a single user-id that is all-powerful.) SQL injection ...
And by the way, another good reason is efficiency. prepare() a statement-handle once, for a statement that includes placeholders. Then, repeatedly execute the prepared statement, changing the placeholder values as often as necessary. The overhead of preparing the statement (such as it is ...) occurs only one time. And, if you put those inserts into a transaction of reasonable size (when using certain kinds of databases), now you would really see some improved speed.