File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JDBC and the fly likes jdbc Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Databases » JDBC
Bookmark "jdbc" Watch "jdbc" New topic
Author

jdbc

Chandrashekhar Telang
Greenhorn

Joined: Nov 28, 2003
Posts: 7
Hi

i urgently need to build a dynamic query builder using prepared statement
how an a dynamic select query having multiple parameters can be built?
For. e.g. select * from xyz where a=? AND|OR b=? AND|OR c=? where occurence of a,b,c can be known only at runtime from user selection of parameters to the query builder also the parameter types also could vary such as String, int or a double? also clauses AND or OR can occur in between the parameters. Any Help would be highly appreciated.
thanks in advance.

Chandrashekhar
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
Why using PreparedStatement is a must?
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 29220
    
135

I don't see this being easier with a Statement over a PreparedStatement. And a PreparedStatement caches the execution plans for when the dynamic SQL happens to be ths same.

Building a statement or prepared statement is just a matter of logic (in java) to assemble the pieces separated with AND/OR. I'm not sure I understand the question.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
James Carman
Ranch Hand

Joined: Feb 20, 2001
Posts: 580
Using PreparedStatements can be safer, though. Consider the case where you're substituting in values typed from the user on a webpage (or somewhere else). If they "Jim's Bar and Grill", you have to make sure you escape the ' character if you try to just build the SQL string dynamically. But, if you use a PreparedStatement and set the parameters, this is done for you.


James Carman, President<br />Carman Consulting, Inc.
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
I was just asking the reason, nothing else.
If you can do it with Statement then you can also go with PreparedStatement. PreparedStatement is better.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: jdbc
 
Similar Threads
SQL query
Using oracle Rownum with between keyword
EJB QL - Joining two entities
JPA native Query - Select... where... IN, How to set list of values to setParameter()?
enums in ejb queries