Don't rewrite.
Refactor.
Rewrite by refactoring.
At work today I re-used a tool I created a year ago!
java.sql.PreparedStatement
does not currently support "named parameters".
It support positional parameters written with "?" symbols, like:
SELECT * FROM source WHERE id = ?
Then you set each positional parameter by index one by one like:
setInt(1, 42)
When you have to write extremely complicated, conditionally constructed SQL as discussed previously, keeping track of where to insert what is non-trivial.
Some libraries support named parameters,
which replace the "?" with something like ":userid".
Named parameters are great, but they involve bringing in the whole library and/or framework that supports them. If you have to send your SQL to multiple destinations, some JDBC, some raw SQL, some other API, ... then you don't want to be constrained by what the library supports.
Anyway, for better or worse, I created a pattern for easily tracking parameter values.
Maybe this weekend I'll write about the pattern, think a bit more about the pros and cons, and see if I missed any significantly better patterns.