Many relation database handle a JDBC sql query in blew four steps:
1, parse the incoming sql
2, compile the sql
3, plan/ optimize the sql.
4, execute the sql and return data
A Statement will always procceed the four steps for each sql quer sent to the database. A PrepareStatement will pre-execute the steps 1-3.
Thus, when creating
a PreparedStatement some
pre-optimization is performed immediately.
Another advantage of
the PreparedStatement class is the
ability to create an incomplete query and supply parameter values at
execution time. This type of query is well suited for filtering queries
which may differ in parameter value only:
preparedStatement also will avoid some sql injection risk.
callablestatement extend the preparestatement, it can excute a procedure.
Statement VS PrepareStatement,布布扣,bubuko.com
原文:http://www.cnblogs.com/zhonghan/p/3597262.html