This is a design question, I've been thinking about this for a while.
I would like to separate the SQL queries inside independent files or memory locations (for faster access).
The queries will be stored like this:
SELECT .... WHERE col = ?
When the query is needed, it is fetched from it's location.
A (less maintainable) example alternative would be:
$sql = "select ..... where col=". prevent_injection($val) ." and ....";
Benefits:
- total separation of the queries: the web developers and the DBAs can work specifically to their role
- cleaner queries
Disadvantages:
- requires a bit of coordination on what each ? means, which is necessary anyway in a big team
- sourcing the SQL at runtime may slow things down a bit, but caching can be used
Any feedback on this approach?