You specify the variable placeholders using symbols that begin with a dollar sign.
You then prepare the statement using the prepare method.
You can then call the prepared statement on the database object with a hash specifying the values for each variable.
Prepared statements make it so the database only needs to plan the query once, which can be much faster if the database spends more time planning the query than executing it.