Honestly db-related I'm not sure what's the "state of the art", but considering this level of methods splitting (that would be quite interesting I think), it would probably be more consistent and flexible to follow the schema provided by the current db::insert(), so instead of passing the "raw" query, pass arrays of fields so that the db-layer could reassemble them the way it likes.
For example update could be:
public function update($query_id = '', $table, $columns, $data, $conditions = '', $disable_trans = false, $connection = null)
{
global $db_prefix;
$connection = $this->getConnection($connection);
// With nothing to insert, simply return.
if (empty($data))
return;
// Replace the prefix holder with the actual prefix.
$table = str_replace('{db_prefix}', $db_prefix, $table);
$updateData = '';
foreach ($columns as $columnName => $type)
{
if (isset($data[$columnName]))
{
$updateData .= '
' . $columnName . ' = ';
// Are we restricting the length?
if (strpos($type, 'string-') !== false)
$updateData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName);
else
$updateData .= sprintf('{%1$s:%2$s}, ', $type, $columnName);
}
}
$updateData = substr($updateData, 0, -2);
if ($conditions !== '')
$conditions = 'WHERE ' . $conditions;
// Create an array consisting of only the columns.
$indexed_columns = array_keys($columns);
// Here's where the variables are injected to the query.
$updateRows = array();
foreach ($data as $dataRow)
$insertRows[] = $this->quote($updateData, array_combine($indexed_columns, $dataRow), $connection);
$data['db_error_skip'] = $table === $db_prefix . 'log_errors';
// Do the insert.
$this->query($query_id, '
UPDATE ' . $table . '
SET' . $updateData . '
' $conditions,
$data,
$connection
);
}