Statement, PreparedStatement, CallableStatement: differences and relationships
1. Statement, PreparedStatement, and CallableStatement are all interfaces.
2. Statement extends Wrapper, PreparedStatement extends Statement, and CallableStatement extends PreparedStatement.
3. The Statement interface provides the basic methods for executing statements and obtaining results;
The PreparedStatement interface adds methods for handling IN parameters;
The CallableStatement interface adds methods for handling OUT parameters.
4. A. Statement:
Ordinary SQL without parameters; supports batch update and batch delete;
B. PreparedStatement:
SQL with variable parameters; compiled once and executed many times, so it is efficient;
Good security: values bound through ? placeholders are sent as data rather than parsed as SQL, which effectively prevents SQL injection and similar problems;
Supports batch update and batch delete;
C. CallableStatement:
Inherits from PreparedStatement and supports SQL operations with parameters;
Supports calling stored procedures, with support for output and input/output (INOUT) parameters;
With Statement, the database compiles the SQL statement every time it is executed. It is best suited to cases where a query is executed only once and the result is returned, where it is more efficient than PreparedStatement.
PreparedStatement is precompiled. Using PreparedStatement has several benefits:
1. PreparedStatement is more efficient than Statement when executing SQL with variable parameters, because having the DBMS compile a SQL statement once is more efficient than compiling it multiple times.
2. Good security; it effectively prevents SQL injection and similar issues. This holds only when every untrusted value is passed through a ? placeholder; input concatenated into the string given to prepareStatement is still parsed as SQL.
3. Better code readability and maintainability.
Note:
executeQuery: returns a result set (ResultSet).
executeUpdate: executes the given SQL statement, which may be an INSERT, UPDATE, or DELETE statement,
or an SQL statement that returns nothing (such as an SQL DDL statement).
```java
import java.math.BigDecimal;
import java.sql.*;

// The fragments below are independent of each other; conn is an open java.sql.Connection.

// Statement usage:
long id = 0;
String sql = "select seq_orderdetailid.nextval as test from dual";
Statement stat1 = conn.createStatement();
ResultSet rs1 = stat1.executeQuery(sql);
if (rs1.next()) {
    id = rs1.getLong(1);
}

// INOUT parameter usage:
CallableStatement cstmt = conn.prepareCall("{call revise_total(?)}");
cstmt.setByte(1, (byte) 25);                          // IN value
cstmt.registerOutParameter(1, java.sql.Types.TINYINT); // same parameter is also OUT
cstmt.executeUpdate();
byte x = cstmt.getByte(1);

// Statement batch usage:
Statement stmt = conn.createStatement();
String sql = null;
for (int i = 0; i < 20; i++) {
    // String values must be quoted in the SQL text
    sql = "insert into test(id,name) values(" + i + ",'" + i + "_name')";
    stmt.addBatch(sql);
}
stmt.executeBatch();

// PreparedStatement batch usage (param1 is a BigDecimal[], param2 is an int[] of the same length):
PreparedStatement pstmt = conn.prepareStatement("UPDATE EMPLOYEES SET SALARY = ? WHERE ID = ?");
for (int i = 0; i < param1.length; i++) {
    pstmt.setBigDecimal(1, param1[i]);
    pstmt.setInt(2, param2[i]);
    pstmt.addBatch();
}
pstmt.executeBatch();

// PreparedStatement usage:
PreparedStatement pstmt = conn.prepareStatement("UPDATE EMPLOYEES SET SALARY = ? WHERE ID = ?");
pstmt.setBigDecimal(1, new BigDecimal("153.00"));
pstmt.setInt(2, 1102);
pstmt.executeUpdate();
```
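To illustrate the SQL injection point made above about PreparedStatement, the following added example (not code from the original page) runs the same lookup through a concatenated Statement and through a PreparedStatement with a bound parameter. The class name InjectionDemo, the employees table and its rows, the input string, and the use of an H2 in-memory database on the classpath are all assumptions made for the demonstration.

```java
import java.sql.*;

public class InjectionDemo {
    // Vulnerable: the value is concatenated into the SQL text and parsed as SQL.
    static int countWithStatement(Connection conn, String name) throws SQLException {
        String sql = "SELECT COUNT(*) FROM employees WHERE name = '" + name + "'";
        try (Statement st = conn.createStatement();
             ResultSet rs = st.executeQuery(sql)) {
            rs.next();
            return rs.getInt(1);
        }
    }

    // Hardened: the value is bound to the ? placeholder and handled only as data.
    static int countWithPreparedStatement(Connection conn, String name) throws SQLException {
        String sql = "SELECT COUNT(*) FROM employees WHERE name = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();
                return rs.getInt(1);
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: the H2 driver is on the classpath; any JDBC URL works here.
        try (Connection conn = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement ddl = conn.createStatement()) {
                ddl.executeUpdate("CREATE TABLE employees(id INT PRIMARY KEY, name VARCHAR(50))");
            }
            // Constructed sample rows, loaded with a PreparedStatement batch.
            String[] names = {"alice", "bob", "carol"};
            try (PreparedStatement ins =
                     conn.prepareStatement("INSERT INTO employees(id, name) VALUES (?, ?)")) {
                for (int i = 0; i < names.length; i++) {
                    ins.setInt(1, i + 1);
                    ins.setString(2, names[i]);
                    ins.addBatch();
                }
                ins.executeBatch();
            }
            String input = "nobody' OR '1'='1"; // constructed untrusted input
            System.out.println("Statement matched:         " + countWithStatement(conn, input));
            System.out.println("PreparedStatement matched: " + countWithPreparedStatement(conn, input));
        }
    }
}
```

In the concatenated query the quote inside the input closes the string literal and the remainder is evaluated as a condition, so the count covers every row. The bound version compares the whole input against name and matches nothing.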