• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

can a batch have multiple prepared statements

 
Ranch Hand
Posts: 312
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All
is it possible to have a multiple prepared statements in a batch.
or we can have only one.

normally we have something like this in a batch
PreparedStatement pstmt = null;
pstmt = conn.prepareStatement("insert into emp(empno,ename) values(?,?)");
pstmt.setLong(1,1000);
pstmt.setString(2,"Sam");
pstmt.addBatch();
pstmt.setLong(1,1002);
pstmt.setString(2,�Steve");
pstmt.addBatch(); ...
int results[] = pstmt.executeBatch();

PreparedStatement pstmt = null;
PreparedStatement pstmt1 = null;
pstmt = conn.prepareStatement("insert into emp(empno,ename) values(?,?)");
pstmt.setLong(1,1000);
pstmt.setString(2,"Sam");
pstmt.addBatch();
pstmt1 = conn.prepareStatement("insert into dept(deptno,dname) values(?,?)");
pstmt.setLong(1,10);
pstmt.setString(2,�hrd");
pstmt.addBatch(); ...

can i have somthing like this
Rgrds
Manish
 
Ranch Hand
Posts: 1879
MySQL Database Suse
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
no. But you can batch different SQL updates using the Statement interface.
Jamie
 
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can use Statements for various queries to add in the batch. However 2 things to be considered :
1) Performance while using Statements.
2) If there are any user inputs (in the query) from the front end, like posting a HTML Form. Then there is a possibility of SQL Injection,and the application security can be compromised. SQL Injection is easily possible if u r using Statements, but not so easy with PreparedStatement.
 
Jamie Robertson
Ranch Hand
Posts: 1879
MySQL Database Suse
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Anurag Gupta:
You can use Statements for various queries to add in the batch. However 2 things to be considered :
1) Performance while using Statements.
2) If there are any user inputs (in the query) from the front end, like posting a HTML Form. Then there is a possibility of SQL Injection,and the application security can be compromised. SQL Injection is easily possible if u r using Statements, but not so easy with PreparedStatement.


Not sure what you are saying for consideration 1. Performance is largely dependent on the driver implementation. For Performance using the Oracle drivers, have a look at Java Programming with Oracle JDBC, Chapter 19 - Performance. Even if you are not using Oracle's driver/database, it is a good benchmark for JDBC performance in a general sense as well.
regarding consideration 2, this is more a product of sloppy programming practices, than a deficiency in the Statement/JDBC implementations. If you are wondering what SQL injection is, have a read of Application-Level Attacks ( on Oracle ).
Jamie
 
snakes are really good at eating slugs. And you wouldn't think it, but so are tiny ads:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic