Statement sta=con.createStatement(); ResultSet rst=sta.executeQuery("select * from book");
Statement sta=con.createStatement("select * from book"); ResultSet rst=sta.executeQuery();
PreparedStatement pst=con.prepareStatement(); ResultSet rst=pst.executeQuery("select * from book");
PreparedStatement pst=con.prepareStatement("select * from book"); ResultSet rst=pst.executeQuery();
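1. Improves readability and maintainability;
2. Maximizes performance. The first execution of a PreparedStatement is expensive. Its performance benefit shows up in the repeated executions that follow (the effect of caching). For example, suppose I use an Employee ID and run a query against the Employee table in the prepared way. The JDBC driver sends one network request to the database to parse and optimize the query, and executing it then produces another network request.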
String sql = "select distinct loan_type from loan where bank=?";
PreparedStatement preStatement = conn.prepareStatement(sql);
preStatement.setString(1, "Citibank");
ResultSet result = preStatement.executeQuery();
String sql = "select * from users where username='" + username + "' AND " + "password='" + password + "'";
statement = connection.createStatement();
resultSet = statement.executeQuery(sql);
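
The two query styles above side by side, as an added example that is not part of the original page: the concatenated login query and a parameterized equivalent run against the same table, so the difference in how input is treated is visible in the results. The class name, the H2 in-memory JDBC URL (an H2 driver on the classpath is assumed), and the sample row and inputs are constructed for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class LoginQueryDemo {
    // Concatenated form, as on the page: the input becomes part of the SQL text.
    static boolean loginConcatenated(Connection c, String username, String password) throws SQLException {
        String sql = "select * from users where username='" + username + "' AND " + "password='" + password + "'";
        try (Statement st = c.createStatement(); ResultSet rs = st.executeQuery(sql)) {
            return rs.next();
        }
    }

    // Parameterized form: the input is bound as data and is never parsed as SQL.
    static boolean loginPrepared(Connection c, String username, String password) throws SQLException {
        String sql = "select * from users where username=? AND password=?";
        try (PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, username);
            ps.setString(2, password);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: H2 in-memory database; any JDBC URL with a driver on the classpath works.
        try (Connection c = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement st = c.createStatement()) {
                st.execute("create table users(username varchar(64), password varchar(64))");
                // Constructed row; the plaintext password only mirrors the page's query.
                st.execute("insert into users values('alice', 's3cret')");
            }
            // Constructed inputs: a valid pair, a wrong password, and a password containing a quote.
            String[][] inputs = { {"alice", "s3cret"}, {"alice", "wrong"}, {"alice", "x' OR '1'='1"} };
            for (String[] in : inputs) {
                System.out.printf("password=%-16s concatenated=%-5b prepared=%b%n",
                        in[1], loginConcatenated(c, in[0], in[1]), loginPrepared(c, in[0], in[1]));
            }
        }
    }
}
```

The two methods agree on the first two inputs and differ on the third: in the concatenated query the quote ends the string literal and the rest is parsed as SQL, while the prepared statement compares the whole value against the stored password.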