[fjp]

Agreed - For example in SQLAlchemy, you have:

1) Super high level - my_record_object.filter(whatever)

2) Common query api: my_table_object.select.where(whatever).limit(whatever) etc etc

3) Straight up SQL execution: db_engine_object.connection.execute(Sql query as string)

There are tools to safely interpolate arguments into SQL query templates for use in #3 too. What else could you want in the vast majority of applications?