Support parameterized queries

[brendanlong]

Right now there doesn't seem to be any safe way to pass strings into the queries.

It would be nice if dbsafestr was exposed, and even nicer if there was a way to pass parameters to queries, like Dblib.exec db "SELECT * FROM x WHERE a = %s and b = %d" ~params:[String "a", Int 2]