How to use MySQLi Prepared Statements with Stored Procedures

I'm trying to learn more about MySQL and how to protect against SQL injections so my research has brought me to Prepared Statements which seems to be the way to go.

I'm also working on learning how to write Stored Procedures and am now trying to combine the two. There isn't much info on this though.

At the moment in my PHP test app I have a function that calls an SP with a normal MySQL command like this:

mysql_query("CALL usp_inserturl('$longurl', '$short_url', '$source')");

How can I do the same with MySQLi and a Prepared Statement to make it as safe as possible to injections?

Thanks!