prepared-statement

Using ? in a query really avoids SQL injection ? Avoid 100%? I saw this code and heard a lot of people talking about it, sa ... ase and how to use? Could anyone give a better example? $query = "SELECT * FROM tabela WHERE username = ? OR username = ?";

What exactly does prepare do? For example, does it encrypt, or something like that? Because, being honest, I use the method, ... ml> In the ali case, without using prepare it would work the same way. Or not? He performs what "under the cloths"?