With this modification we can enjoy the security benefits of having
prepared-statement-alike additional parameters.  To do this, the
additional parameters should be passed after the statement in the
execute method.

This means that a new prepared statement will be created on each
execute call, so don't expect big a performance increase.

Maybe in a distant future a LRU cache of prepared statements could be
added.

As in SQLite3, we now support prepared-statements-alike passing of
optional parameters by using the PQexecParams function, and since adding
support for binary types is not an easy task, any argument is converted
to a string before being sent and converted back to the expected type by
PostgreSQL... in any case this is better than nothing.

You may want to use a cast ``::type'' if it's not inferred. Example:

> db = require'luasql.postgres'.postgres():connect('')
> assert(db:execute('create table t(a int)'))
> assert(db:execute('insert into t values($1)', 17))
> res = assert(db:execute('select $1+$2::int, a from t where a>$1', 3, 4))
> =res:fetch()
7	17

  Since sqlite3_bind_text is binary safe, binding as text can be done
  without worries.

  This eliminates the need for escaping parameters, since now they
  can be specified as additional arguments to execute.

  This function can be used by all the drivers simplifying
  the logic, requiring only to implement conn:prepare(sql)
  and stmt:execute(...).