A problem to be avoided is to think that parameters inside a query are like macro-replacements, a kind of Search/Replace inside queries, because they are not. Parameters are ways to identify to the DBMS server the possibility of repeating the same SQL sentence, then it will remember the necessary parameters and the best indexes for this operation. The server will remember this information even after your connection is terminated and will still benefit other users who will execute the same query with different parameters.
Look the full article here.