Just noticed this in the JDBC spec (13.2.4):
If any of the PreparedStatement execute methods is called with an SQL
string as a parameter, an SQLException is thrown.
(don't you love how you have to look at both the spec and the javadoc to
discover the behaviour of particular methods?)
The current driver doesn't do this, and we've had at least one bug
report that turned out to be caused by calling an execute...() method
with a string on a PreparedStatement.
Worth fixing?
-O