
Add support for query parameters

Open PikalaxALT opened this issue 10 months ago • 0 comments

A common attack vector for SQL databases is "injection", where a string argument is directly injected into an SQL query without sanitization. Several DB APIs have controls for this, but in its current state this plugin takes advantage of none of them.

Example of a query with parameters:

quant = conn.query('SELECT quantity FROM inventory WHERE name = $1', input.item_name)

This issue is resolved when a parameters map or tuple can be passed to Channel.fromQuery.

Example of what that might look like:

ch = channel.fromQuery('SELECT quantity FROM inventory WHERE name = $1', parameters: [val_item_name])
ch2 = Channel.fromQuery('SELECT quantity FROM inventory WHERE name = $name', parameters: [name: val_item_name])

PikalaxALT, Jan 11 '25 02:01
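The difference the issue is asking for, shown end to end as an added example (this is not code from nf-sqldb or from the issue author). It uses Python's sqlite3 module and an in-memory database so it runs offline; the plugin itself is Groovy on JDBC, where the equivalent is a PreparedStatement. The `?` and `:name` placeholders are sqlite3's syntax and stand in for the `$1` / `$name` style proposed above; the inventory rows and the hostile input are constructed for the demonstration. The unsafe variant splices the value into the SQL text, so a crafted name returns every row and an innocent name containing an apostrophe is a syntax error; the bound variants keep the SQL text fixed and treat the value purely as data.

```python
import sqlite3

# Constructed sample data: (name, quantity). The last row has an apostrophe
# in a perfectly legitimate name, which breaks string-spliced queries.
SAMPLE_ROWS = [("widget", 10), ("gadget", 3), ("gizmo", 7), ("o'ring", 2)]

# Constructed hostile input: closes the quoted literal and appends a
# tautology, so an unparameterised WHERE clause matches every row.
HOSTILE_NAME = "x' OR '1'='1"


def make_db():
    """Create an in-memory inventory table populated with SAMPLE_ROWS."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE inventory (name TEXT, quantity INTEGER)")
    conn.executemany("INSERT INTO inventory VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def quantity_unsafe(conn, item_name):
    """Vulnerable: the caller-controlled value becomes part of the SQL text."""
    sql = "SELECT quantity FROM inventory WHERE name = '" + item_name + "'"
    return [row[0] for row in conn.execute(sql)]


def quantity_unsafe_caught(conn, item_name):
    """Same as quantity_unsafe, but reports a database error instead of raising."""
    try:
        return quantity_unsafe(conn, item_name)
    except sqlite3.Error as exc:
        return "sql error: " + str(exc)


def quantity_safe(conn, item_name):
    """Positional parameter binding: SQL text is fixed, value is sent separately."""
    sql = "SELECT quantity FROM inventory WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (item_name,))]


def quantity_safe_named(conn, item_name):
    """Named parameter binding, the map form proposed for Channel.fromQuery."""
    sql = "SELECT quantity FROM inventory WHERE name = :name"
    return [row[0] for row in conn.execute(sql, {"name": item_name})]


def demo():
    """Run each variant against benign, hostile and apostrophe-containing names."""
    conn = make_db()
    return {
        "unsafe_benign": quantity_unsafe(conn, "widget"),
        "unsafe_hostile": quantity_unsafe(conn, HOSTILE_NAME),   # leaks all rows
        "unsafe_quoted": quantity_unsafe_caught(conn, "o'ring"), # syntax error
        "safe_benign": quantity_safe(conn, "widget"),
        "safe_hostile": quantity_safe(conn, HOSTILE_NAME),       # no such name
        "safe_quoted": quantity_safe(conn, "o'ring"),            # literal match
        "named_hostile": quantity_safe_named(conn, HOSTILE_NAME),
        "named_quoted": quantity_safe_named(conn, "o'ring"),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:15s} {result}")
```

Note that the bound versions make no attempt to "sanitize" the input: there is nothing to escape because the value never reaches the SQL parser. That is why a `parameters:` argument is the right fix for the plugin rather than string quoting in pipeline code.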