In many programming languages something like this is possible for prepared statements:
PreparedStatement statement = connection.prepareStatement(
"SELECT id FROM Company WHERE name LIKE ${name}");
statement.setString("name", "IBM");
But not with java.sql.PreparedStatement. In Java one has to use parameter indices:
PreparedStatement statement = connection.prepareStatement(
"SELECT id FROM Company WHERE name LIKE ?");
statement.setString(1, "IBM");
Is there a solution to work with string variables like in the first example?
Is "${.*}" not used somewhere else in the SQL language, or are there any conflicts? Cause then I would implement it by myself (parsing the SQL string and replacing every variable by "?" and then doing it the Java way).
Regards,
Kai
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…