When using Session.sql there is no way (that I can find, either in the code or searching online) to properly handle parameterized SQL.
Example:
SELECT * FROM users WHERE user_id = ?;
In JDBC / PreparedStatement you can bind a value for ?, rather than resorting to the exceptionally insecure method of concatenating the value into the query directly, which is the only option Snowpark currently provides as far as I can tell.
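
The difference the post describes, as an added example that is not part of the original post and is not Snowpark code. Python's built-in `sqlite3` stands in for a driver that supports `?` binding; the table contents, function names and the hostile input are constructed for illustration. The last function shows a type-coercion stopgap for an API that accepts only a SQL string.

```python
import re
import sqlite3


def make_db():
    # Constructed sample data; an in-memory sqlite3 database is an assumption
    # standing in for the real warehouse.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id INTEGER, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db


def find_user_concat(db, user_id):
    # Value spliced into the SQL text: the input becomes part of the statement,
    # so its content can change what the query means.
    sql = "SELECT * FROM users WHERE user_id = " + str(user_id)
    return db.execute(sql).fetchall()


def find_user_bound(db, user_id):
    # Value bound to the ? placeholder: the statement is fixed and the input
    # is only ever compared as data.
    sql = "SELECT * FROM users WHERE user_id = ?"
    return db.execute(sql, (user_id,)).fetchall()


def find_user_validated(db, user_id):
    # Stopgap when only a SQL string can be passed: accept nothing but ASCII
    # digits, convert to int, and only then build the statement.
    text = str(user_id)
    if not re.fullmatch(r"[0-9]+", text):
        raise ValueError("user_id must be a non-negative integer")
    return find_user_concat(db, int(text))


if __name__ == "__main__":
    db = make_db()
    hostile = "1 OR 1=1"  # constructed input that is not a valid user_id
    print("concatenated:", find_user_concat(db, hostile))
    print("bound:       ", find_user_bound(db, hostile))
    print("bound, id 2: ", find_user_bound(db, 2))
```
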