String insertTableSQL = "INSERT INTO DBUSER (USER_ID, USERNAME) VALUES (1,'mkyong')"; So that instead of 1 and mkyong there are variables?
2 answers
IMHO is more suitable here PreparedStatement with Batch - see for example
Barmaley barmaley
67.4k 6 gold signs 57 silver marks 134 bronze marks
|
read what the Prepared Statement is, for example here .
String selectSQL = "SELECT USER_ID, USERNAME FROM DBUSER WHERE USER_ID = ?"; PreparedStatement preparedStatement = dbConnection.prepareStatement(selectSQL); preparedStatement.setInt(1, 1001); ResultSet rs = preparedStatement.executeQuery(selectSQL ); 
arg arg
3,059 1 golden mark 14 silver marks 37 bronze marks
|