The other benefit of this is that it is the most performant way of calling an SP. The mechanism allows the SQL engine to very efficiently produce the parameterised query that is used to determine reuse later on. i.e. two calls using this method are more likely to reuse the sam equery plan. Unlike two calls where the SQL is built dynamically.

You can also do this with normal SQL to avoid injection

use a command text of 'select * from orders where orderid = @orderid' and create a parameter called @orderid and set the value.