Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.

Tip of the Day
Language: Java
Expertise: Intermediate
Aug 19, 2002



Application Security Testing: An Integral Part of DevOps

Creating a Parameterized SQL Query Using PreparementStatement

// conn - having a database connection already

PreparedStatement stmnt = null;
ResultSet rs = null;

  // '?' indicates placement of a parameter.
  stmnt = conn.prepareStatement("SELECT firstName FROM
employees WHERE salary > ?");

  // Complete the query statement.
  // Note that start with "1" for the first parameter.
  // Resulting query statement "SELECT firstName FROM employees 
WHERE salary > 300"
  stmnt.setInt(1, 300);

  // Returning ResultSet from executing query.
  rs = stmnt.executeQuery();
  catch(Exception ex)
  System.err.println("Database exception: " + ex);
Van C.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date