My worst secret is that I thought this was a serious thread, but then clicked the link and loled at those poor peoples' broken hearts, but I don't want you guys to know I thought the link was mildly funny, so instead, I leave you with this: stop spamming daniweb, you suck.
I suggest to people all the time to use parameterized queries. Cross-forum. C#, VB, ASP.NET. Just now in Java.
I never use them.
*They don't fit how I've developed my reusable data access code and how I generally program data-bound objects. However, I've kicked around ideas of how to incorporate them without completely reinventing the proverbial wheel. Probably moreso out of guilt over always recommending but never using them.