
How do I bind an ArrayList to a PreparedStatement in Oracle?

I was wondering if there was a way to bind an ArrayList (or any kind of List, for that matter) to a PreparedStatement which will eventually be used to access an Oracle database. I found:

PreparedStatement IN clause alternatives?

And that seems similar to my issue, but this question is more specific: I'd like to bind an ArrayList to a PreparedStatement to be used in Oracle. If it is possible, how is this accomplished?

MetroidFan2002 asked Nov 19 '08 20:11




1 Answer

You can't bind a List to a single parameter in a prepared statement.

Generate SQL with a parameter marker for each element in the list, for example:

SELECT NAME FROM ITEM WHERE ID IN (?, ?, ?, ?)

Even though you'll generate a new statement for each query, I'd still recommend using a PreparedStatement. If your list contains String instances, you'll get the necessary escaping to protect from SQL injection.

But even if it's a safe type, like Integer objects, some drivers or middleware can cache PreparedStatements, and return a cached instance if the same form is requested. Of course, some testing would be necessary. If your lists vary widely in size, you'll have many different statements, and a poorly-implemented cache might not be prepared to handle so many.

erickson answered Oct 30 '22 05:10
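
The approach in the answer above, as an added example that is not part of the original answer: the statement text is built from markers only and every list element is bound as a parameter. The ITEM query is the one from the answer; the class and method names are hypothetical, and the power-of-two padding (to limit the number of distinct statement shapes a cache sees) and the guard for Oracle's 1000-expression IN-list limit (ORA-01795) go beyond what the answer describes.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class InListQuery {                       // hypothetical class name
    // Oracle rejects more than 1000 expressions in one IN list (ORA-01795).
    static final int MAX_IN_LIST = 1000;

    /** Builds the statement text with exactly n markers; no list value ever enters the SQL. */
    static String buildSql(int n) {
        if (n < 1 || n > MAX_IN_LIST) {
            throw new IllegalArgumentException("marker count must be 1.." + MAX_IN_LIST);
        }
        return "SELECT NAME FROM ITEM WHERE ID IN ("
                + String.join(", ", Collections.nCopies(n, "?")) + ")";
    }

    /** Rounds the marker count up to a power of two so lists of varying size share few statement shapes. */
    static int paddedSize(int n) {
        int size = 1;
        while (size < n) size <<= 1;
        return Math.min(size, MAX_IN_LIST);
    }

    static List<String> findNames(Connection conn, List<Integer> ids) throws SQLException {
        List<String> names = new ArrayList<>();
        if (ids.isEmpty()) return names;         // "IN ()" is not valid SQL, so skip the query
        if (ids.size() > MAX_IN_LIST) {
            throw new IllegalArgumentException("split lists longer than " + MAX_IN_LIST);
        }
        int markers = paddedSize(ids.size());
        try (PreparedStatement ps = conn.prepareStatement(buildSql(markers))) {
            for (int i = 0; i < markers; i++) {
                // Pad unused markers by repeating the last id; duplicates do not change an IN result.
                ps.setInt(i + 1, ids.get(Math.min(i, ids.size() - 1)));
            }
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) names.add(rs.getString(1));
            }
        }
        return names;
    }
}
```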