Skip site navigation (1) Skip section navigation (2)

Re: escape string for pgsql (using jdbc/java)?

From: Tobias Thierer <t_thierer(at)yahoo(dot)de>
To: pgsql-jdbc(at)postgresql(dot)org
Subject: Re: escape string for pgsql (using jdbc/java)?
Date: 2007-01-29 23:27:48
Message-ID: eplvti$2deb$ (view raw, whole thread or download thread mbox)
Lists: pgsql-jdbc
Oliver Jowett wrote:

> If you want something portable just use PreparedStatement.setString() 
> and parameter placeholders. The "preparation" overhead you are worrying 
> about is not really an issue as the PreparedStatement implementation is 
> designed to handle one-shot queries as well as reused queries 
> efficiently .. since PreparedStatement is often used just for parameter 
> value interpolation to avoid exactly the issues you are encountering.

I'm not so worried about the performance. But if I have a column of type 
SERIAL in my table, then I can retrieve the generated value using:

  statement.executeUpdate(sqlString, Statement.RETURN_GENERATED_KEYS);
  ResultSet resultSet = statement.getGeneratedKeys();
  Integer result;
  if ( {
    result = resultSet.getInt(1);
  } else {
    result = null;

whereas it is not clear to me how this works with a prepared statement. 
Strangely, PreparedStatement extends Statement, so PreparedStatement still 
has the executeUpdate(String,int) method - but it is not clear to me whether 
this method will throw the previously prepared statement away or what.

Is there any easy way to retrieve the generated value for the SERIAL column 
when using a prepared statement?


In response to


pgsql-jdbc by date

Next:From: Dave CramerDate: 2007-01-29 23:38:35
Subject: Re: escape string for pgsql (using jdbc/java)?
Previous:From: Oliver JowettDate: 2007-01-28 22:53:01
Subject: Re: escape string for pgsql (using jdbc/java)?

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group