commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Germuska <>
Subject Re: [dbutils] StringUtils proposed methods
Date Mon, 11 Nov 2002 17:40:01 GMT
At 12:23 PM -0500 2002/11/11, Henri Yandell wrote:
>Looking at these, it seems that the first and third are easier done by
>using a PreparedStatement, which knows more about exactly how the
>particular database likes to escape a ' etc.
>Is there a big need to provide a String method here, or should people just
>be upgrading to the PreparedStatement?

I have two reasons for building SQL statements from strings instead 
of using prepared statements:

* if you're not iterating through repeated queries, the overhead of 
creating a prepared statement is wasted -- this isn't a critical 
optimization, but it is one argument against using prepared 
statements for one-off queries.  (See, tip #3)

* When developing, it can be substantially easier to debug JDBC 
problems when you can see the values which were used in the SQL 
statement; this is easier done by printing a complete SQL statement 
than by reconstructing it.

I think these are pretty good reasons for leaving the choice up to 
users of the library, instead of steering people straight to 
PreparedStatements in all cases...


* Joe Germuska    { }
"It's pitiful, sometimes, if they've got it bad. Their eyes get 
glazed, they go white, their hands tremble.... As I watch them I 
often feel that a dope peddler is a gentleman compared with the man 
who sells records."
	--Sam Goody, 1956

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message