As an SQL fan, I have lots of SQL statements in my application (right now most are embedded quoted within Java code, but I hope to change that). Of course, we all know the parameterization stuff: ...