As far as I understand, prepared statements are (mainly) a database feature that allows you to separate parameters from the code that uses such parameters. Example: A parameterized query substitutes the manual string interpolation, so instead of doing we can do Now, it seems that prepared statements are, for …