I have seen two syntaxes when calling stored procedures that receive parameters in Laravel, both work perfectly:
//Concatenando parametro
DB::select('exec Miprocedimiento "'.$parametro.'"');
//Utilizando ?
DB::select('exec Miprocedimiento ?', array($parametro));
What is the correct way? Is there any difference in terms of performance, security?