Just generally, don't write SQL queries as strings. An ORM is one option, language-level extensions another. But for that you need some good macros in your language - or convince the maintainers of your compiler to add it to the language (like Microsoft did in C#).
No comments yet.