I'm creating an ODBC class to connect to my SQL Server. I prefer to use parametrized statements using ODBC over PDO, so will the code below protect me from SQL injection th