ASP.NET Load the datareader with a Parameterized SQL Active Server Pages

Parameterizing reduces SQL preparation time. The variable's value is bound to the database parameter rather than being written into the SQL text. When binding, the command object takes care of such things as whether the value is NULL, whether a string contains single quotes, the precision of numeric types, and the special tokens that dates require depending on the database type. If you do not bind fields as parameters on the command object, you have to apply that special formatting yourself to every value you put into the SQL; a string with an unescaped single quote then changes the statement itself, which is how SQL injection arises.


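  Private Sub LoadReaderWithParameter()
        ' objConn (an open OleDbConnection), objCmd, objReader and
        ' sParameterField1 are assumed to be declared at class level.
        Dim sSQL As String

        ' OleDb binds parameters by position; the placeholder in the SQL text is ?.
        sSQL = "select * from member where lastname=? order by lastname"

        objCmd = New OleDb.OleDbCommand(sSQL, objConn)
        ' The value is bound as data, never spliced into the SQL string.
        objCmd.Parameters.AddWithValue("@ParameterField1", sParameterField1)
        objReader = objCmd.ExecuteReader()

  End Sub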
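
The cases the paragraph lists (NULL, single quotes, numeric precision, dates) can each be handled with an explicitly typed parameter. The following is an added example, not code from the original page; `BuildUpdate` and the columns `joined`, `dues` and `id` are hypothetical, and no connection is opened.

```vbnet
Imports System
Imports System.Data
Imports System.Data.OleDb

Module TypedParameterExample
    ' Hypothetical helper: builds an UPDATE against the page's member table.
    ' Columns other than lastname (joined, dues, id) are assumed for illustration.
    Function BuildUpdate(lastName As String, joined As Date?, dues As Decimal, id As Integer) As OleDbCommand
        ' OleDb binds by position, so parameters are added in the order of the ? markers.
        Dim cmd As New OleDbCommand("UPDATE member SET lastname = ?, joined = ?, dues = ? WHERE id = ?")

        ' String: sent as data, so an embedded single quote needs no escaping.
        cmd.Parameters.Add("@lastname", OleDbType.VarWChar, 50).Value = lastName

        ' Date: typed parameter, no provider-specific date literal in the SQL text.
        ' A missing value is passed as DBNull.Value, not Nothing.
        Dim pJoined As OleDbParameter = cmd.Parameters.Add("@joined", OleDbType.Date)
        pJoined.Value = If(joined.HasValue, CType(joined.Value, Object), DBNull.Value)

        ' Numeric: precision and scale are declared rather than formatted into text.
        Dim pDues As OleDbParameter = cmd.Parameters.Add("@dues", OleDbType.Decimal)
        pDues.Precision = 10
        pDues.Scale = 2
        pDues.Value = dues

        cmd.Parameters.Add("@id", OleDbType.Integer).Value = id
        Return cmd
    End Function

    Sub Main()
        ' Constructed sample input: a name containing a quote and a NULL date.
        Dim cmd As OleDbCommand = BuildUpdate("O'Brien", Nothing, 125.5D, 42)
        Console.WriteLine(cmd.CommandText)
        For Each p As OleDbParameter In cmd.Parameters
            Console.WriteLine("{0,-10} {1,-9} {2}", p.ParameterName, p.OleDbType, If(p.Value Is DBNull.Value, "NULL", p.Value))
        Next
    End Sub
End Module
```

To execute the command, assign an open connection to `cmd.Connection` and call `ExecuteNonQuery()`.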