Sunday, June 19, 2011

Common pitfalls in JDBC Prepared Statement

DO NOT USE single quotes when using setString method.

Usually we tend to forget this when using like statement as in

select projectId from t_project where projectName like ?

// Setting the value
// The following is incorrect and will not work
pstmt.setString(1,"'%abc%'");

// This is correct
// Remember we are using setString method that will automatically add single quotes around it.
// The developer need not add it explicitly.
pstmt.setString(1, "%abc%");




No comments:

Post a Comment