There's hardly anything wrong with looping and a prepared statement. At least this way you only send the data chunk between the dbms and the PHP instead of the whole statements, so that's okay. It is admittedly more complex to use an IN with a prepared statement if you don't know the exact number of options:
Personally I'd say using a loop and binding single params is easier. Means more going out to the dbms, but even so you shouldn't see any significant change from using an IN clause.
$a = array(1, 17, 19);
$sIn = implode(', ', array_fill(0, count($a), '?'));
$sQry = "SELECT * FROM mytableofnames WHERE id IN ($sIn)";
if ($stmt = $db->prepare($sQry))
$aParams = array(str_repeat('i', count($a)));
foreach ($a AS &$itm)
$aParams = &$itm;
call_user_func_array(array($stmt, 'bind_param'), $aParams);
printf('%d: %s' . PHP_EOL, $id, $name);
Still not seeing the need for msgArray. If you are referring to everything, than what reason would you need to send this information back to the server for? The server came up with the data in the first place, so would it not be easier to update on the same criteria that the select was given if it detects that the selectAll checkbox has been selected?
Always assume that there is no JS available. JS should be massaged to talk to PHP, not the other way around.
BTW, using PDO would actually be easier for an IN clause. The PDO library binds on a call by call basis while the mysqli only allows a single call to bind.