Prepared Statement Example



Prepared statements use question marks (?), which are placeholders for where actual values that will be used in the SQL should be “plugged” .

 java.sql.PreparedStatement stmt = connection.prepareStatement("SELECT * FROM table WHERE EMAIL = ?");
stmt.setString(1, email);
stmt.executeQuery();

 In JDBC, when we call connection.prepareStatement,the prepared SQL template is sent to the Database with the placeholder values (the “?”) left blank. Then, the Database will parse, compile, and perform query optimization on the template. After that, the Database will store the optimized query plan.

 What are the advantages of using prepared statements?
1. They provide better performance. Even though a prepared statement can be executed many times, it is is compiled and optimized only once by the database.
2. They can prevent SQL injection attacks.
This is because the query is first compiled and optimized, then the user input would be sent to replace the placehodler, there is no way the data input by a hacker can be interpreted as SQL.

 Read full article from Prepared Statement Example

Labels:

1 comment:

  1. PriskaAugust 26, 2020 at 4:21 AM

    Superb, what a weblog it is! This website presents helpful information to us, keep
    it up.

    In addition to this post, we can also learn more form here -

    https://www.etutorialspoint.com/index.php/tutorial/mysqli-introduction

    ReplyDelete

Subscribe to: Post Comments (Atom)

Labels

Algorithm (219) Lucene (130) LeetCode (97) Database (36) Data Structure (33) text mining (28) Solr (27) java (27) Mathematical Algorithm (26) Difficult Algorithm (25) Logic Thinking (23) Puzzles (23) Bit Algorithms (22) Math (21) List (20) Dynamic Programming (19) Linux (19) Tree (18) Machine Learning (15) EPI (11) Queue (11) Smart Algorithm (11) Operating System (9) Java Basic (8) Recursive Algorithm (8) Stack (8) Eclipse (7) Scala (7) Tika (7) J2EE (6) Monitoring (6) Trie (6) Concurrency (5) Geometry Algorithm (5) Greedy Algorithm (5) Mahout (5) MySQL (5) xpost (5) C (4) Interview (4) Vi (4) regular expression (4) to-do (4) C++ (3) Chrome (3) Divide and Conquer (3) Graph Algorithm (3) Permutation (3) Powershell (3) Random (3) Segment Tree (3) UIMA (3) Union-Find (3) Video (3) Virtualization (3) Windows (3) XML (3) Advanced Data Structure (2) Android (2) Bash (2) Classic Algorithm (2) Debugging (2) Design Pattern (2) Google (2) Hadoop (2) Java Collections (2) Markov Chains (2) Probabilities (2) Shell (2) Site (2) Web Development (2) Workplace (2) angularjs (2) .Net (1) Amazon Interview (1) Android Studio (1) Array (1) Boilerpipe (1) Book Notes (1) ChromeOS (1) Chromebook (1) Codility (1) Desgin (1) Design (1) Divide and Conqure (1) GAE (1) Google Interview (1) Great Stuff (1) Hash (1) High Tech Companies (1) Improving (1) LifeTips (1) Maven (1) Network (1) Performance (1) Programming (1) Resources (1) Sampling (1) Sed (1) Smart Thinking (1) Sort (1) Spark (1) Stanford NLP (1) System Design (1) Trove (1) VIP (1) tools (1)

Popular Posts