Comply with Xiphoseer required changes.

Remove the CDClientDatabase::ExecuteQueryWithArgs() function and replace 
it with CDClientDatabase::CreatePreppedStmt().

This prevents a developer from accidently using %s, or incorrectly 
passing std::string, and causing a silent error.

dDatabase/CDClientDatabase.cpp

@@ -13,3 +13,8 @@ void CDClientDatabase::Connect(const std::string& filename) {
 CppSQLite3Query CDClientDatabase::ExecuteQuery(const std::string& query) {
     return conn->execQuery(query.c_str());
 }
+
+//! Makes prepared statements
+CppSQLite3Statement CDClientDatabase::CreatePreppedStmt(const std::string& query) {
+    return conn->compileStatement(query.c_str());
+}

dDatabase/CDClientDatabase.h

@@ -43,15 +43,7 @@ namespace CDClientDatabase {
     //! Queries the CDClient and parses arguments
     /*!
       \param query The query with formatted arguments
-      \return the results of the query
+      \return prepared SQLite Statement
     */
-    // Due to the template, implementation must be in the header.
-    template <typename... Args>
-    CppSQLite3Query ExecuteQueryWithArgs(const std::string& query, Args... args) {
-        CppSQLite3Buffer sqlBuf;
-        sqlBuf.format(query.c_str(), args...);
-
-        std::string safe_query = (const char *) sqlBuf;
-        return ExecuteQuery(safe_query);
-    }
+    CppSQLite3Statement CreatePreppedStmt(const std::string& query);
 };

dDatabase/Tables/CDBehaviorParameterTable.cpp

@@ -59,9 +59,11 @@ float CDBehaviorParameterTable::GetEntry(const uint32_t behaviorID, const std::s
 	}
 
 #ifndef CDCLIENT_CACHE_ALL
-    auto tableData = CDClientDatabase::ExecuteQueryWithArgs(
-        "SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = %u;",
-        behaviorID);
+	auto query = CDClientDatabase::CreatePreppedStmt(
+        "SELECT parameterID, value FROM BehaviorParameter WHERE behaviorID = ?;");
+    query.bind(1, (int) behaviorID);
+
+	auto tableData = query.execQuery();
 
 	m_Entries.insert_or_assign(behaviorID, 0);