This week's book giveaway is in the General Computing forum. We're giving away four copies of Arduino in Action and have Martin Evans, Joshua Noble, and Jordan Hochenbaum on-line! See this thread for details.
Below are the steps involved to execute normal query using Java.
1.Java code will transfer the query to database
2. Database will compile the query.
3. Database will execute the query.
For prepared statement, first time all three steps will take part but from 2nd time onwards, step 1 and 3 only takes part in execution. Step -2 will be eliminated.
But for statement all thee steps will take part in execution of a query. It means that prepared statement is pre-compiled. Due to this, prepared statement is better in view of performace and in view of sql injection both.