BAEL-4350: Difference between Statement and PreparedStatement

Signed-off-by: Ali Ben Messaoud <mail2alibm@gmail.com>
This commit is contained in:
Ali Ben Messaoud
2020-07-06 01:01:19 +02:00
parent a593cfc3ef
commit c6b1b43bdd
7 changed files with 440 additions and 0 deletions
@@ -0,0 +1,23 @@
package com.baeldung.statmentVsPreparedstatment;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
public class DatasourceFactory {
private Connection connection;
public Connection getConnection() throws ClassNotFoundException, SQLException {
Class.forName("org.h2.Driver");
connection = DriverManager.getConnection("jdbc:h2:mem:db_basic", "SA", "");
connection.setAutoCommit(false);
return connection;
}
public boolean createTables() throws SQLException {
String query = "create table if not exists PERSONS (ID INT, NAME VARCHAR(45))";
return connection.createStatement().executeUpdate(query) == 0;
}
}
@@ -0,0 +1,42 @@
package com.baeldung.statmentVsPreparedstatment;
import java.util.Objects;
public class PersonEntity {
private int id;
private String name;
public PersonEntity(int id, String name) {
this.id = id;
this.name = name;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
@Override public boolean equals(Object o) {
if (this == o)
return true;
if (o == null || getClass() != o.getClass())
return false;
PersonEntity that = (PersonEntity) o;
return id == that.id && Objects.equals(name, that.name);
}
@Override public int hashCode() {
return Objects.hash(id, name);
}
}
@@ -0,0 +1,88 @@
package com.baeldung.statmentVsPreparedstatment;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
public class PreparedStatementPersonDao {
private final Connection connection;
public PreparedStatementPersonDao(Connection connection) {
this.connection = connection;
}
public Optional<PersonEntity> getById(int id) throws SQLException {
String query = "SELECT id, name FROM persons WHERE id = ?";
PreparedStatement preparedStatement = connection.prepareStatement(query);
preparedStatement.setInt(1, id);
ResultSet resultSet = preparedStatement.executeQuery();
if (resultSet.first()) {
PersonEntity result = new PersonEntity(resultSet.getInt("id"),
resultSet.getString("name"));
return Optional.of(result);
} else {
return Optional.empty();
}
}
public void insert(PersonEntity personEntity) throws SQLException {
String query = "INSERT INTO persons(id, name) VALUES( ?, ?)";
PreparedStatement preparedStatement = connection.prepareStatement(query);
preparedStatement.setInt(1, personEntity.getId());
preparedStatement.setString(2, personEntity.getName());
preparedStatement.executeUpdate();
}
public void insert(List<PersonEntity> personEntities) throws SQLException {
String query = "INSERT INTO persons(id, name) VALUES( ?, ?)";
PreparedStatement preparedStatement = connection.prepareStatement(query);
for (PersonEntity personEntity : personEntities) {
preparedStatement.setInt(1, personEntity.getId());
preparedStatement.setString(2, personEntity.getName());
preparedStatement.addBatch();
}
preparedStatement.executeBatch();
}
public void update(PersonEntity personEntity) throws SQLException {
String query = "UPDATE persons SET name = ? WHERE id = ?";
PreparedStatement preparedStatement = connection.prepareStatement(query);
preparedStatement.setString(1, personEntity.getName());
preparedStatement.setInt(2, personEntity.getId());
preparedStatement.executeUpdate();
}
public void deleteById(int id) throws SQLException {
String query = "DELETE FROM persons WHERE id = ?";
PreparedStatement preparedStatement = connection.prepareStatement(query);
preparedStatement.setInt(1, id);
preparedStatement.executeUpdate();
}
public List<PersonEntity> getAll() throws SQLException {
String query = "SELECT id, name FROM persons";
PreparedStatement preparedStatement = connection.prepareStatement(query);
ResultSet resultSet = preparedStatement.executeQuery();
List<PersonEntity> result = new ArrayList<>();
while (resultSet.next()) {
result.add(new PersonEntity(resultSet.getInt("id"), resultSet.getString("name")));
}
return result;
}
}
@@ -0,0 +1,75 @@
package com.baeldung.statmentVsPreparedstatment;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
public class StatementPersonDao {
private final Connection connection;
public StatementPersonDao(Connection connection) {
this.connection = connection;
}
public Optional<PersonEntity> getById(int id) throws SQLException {
String query = "SELECT id, name, FROM persons WHERE id = '" + id + "'";
Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery(query);
if (resultSet.first()) {
PersonEntity result = new PersonEntity(resultSet.getInt("id"),
resultSet.getString("name"));
return Optional.of(result);
} else {
return Optional.empty();
}
}
public void insert(PersonEntity personEntity) throws SQLException {
String query = "INSERT INTO persons(id, name) VALUES(" + personEntity.getId() + ", '"
+ personEntity.getName() + "')";
Statement statement = connection.createStatement();
statement.executeUpdate(query);
}
public void insert(List<PersonEntity> personEntities) throws SQLException {
for (PersonEntity personEntity : personEntities) {
insert(personEntity);
}
}
public void update(PersonEntity personEntity) throws SQLException {
String query = "UPDATE persons SET name = '" + personEntity.getName() + "' WHERE id = "
+ personEntity.getId();
Statement statement = connection.createStatement();
statement.executeUpdate(query);
}
public void deleteById(int id) throws SQLException {
String query = "DELETE FROM persons WHERE id = " + id;
Statement statement = connection.createStatement();
statement.executeUpdate(query);
}
public List<PersonEntity> getAll() throws SQLException {
String query = "SELECT id, name, FROM persons";
Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery(query);
List<PersonEntity> result = new ArrayList<>();
while (resultSet.next()) {
result.add(new PersonEntity(resultSet.getInt("id"), resultSet.getString("name")));
}
return result;
}
}