Table « JDBC « Java Database Q&A

1. How to get auto generated keys of a table while using java prepared statement Batch?

How to get auto generated keys of a table while using java prepared statement Batch? One way to do is to iterate the resultset that is returned? Is there is any ...

4. Prepared Statements, parameterized table names?

Hi Chandana, The optimiser would have to generate a new query plan for each table. One reason for this is that different tables may have different indexes so the method of accessing the data may be different. Even if the indexes, etc. were all the same on different tables, the optimised query plan only provides a template for substitution of values. ...

5. In PreparedStatement table name can vary

Originally posted by dmay chug: Can it not make my application vulnerable to sql injection attack. It depends on where the data comes from. Don't let the user type in a table name directly. Suppose you had them pick an entry from a list for which table they want to use. After they submit, validate the entry is in fact in ...

7. passing table name in prepared statement

hi guys, I am trying to pass table name in prepared statement. how do i do that. for ex select * from table_name where select * from xxx in (?,?,?) this each question mark is a table name i will set dynamicaaly. how do i do that. i know i cant setstring any ideas thanks srini

8. Temp Table problem with PreparedStatement

Hi All, I am creating a prepared statement as: ps = connection.prepareStatement(sqlString,ResultSet.TYPE_SCROLL_INSENSITIVE,ResultSet.CONCUR_UPDATABLE); This works fine in most cases. One of our table has a colum of lenght 16000 bytes VarChar. When I use the above preparedStatement to select that colum I get the error: DB2 SQL Error: SQLCODE=-904, SQLSTATE=57011, SQLERRMC=00E7009A;200;TABLESPACE IN TEMP DATABASE, DRIVER=3.50.152 I found that the problem is with ...

9. Using PreparedStatement with table name

You don't know where those parameters are coming from or who the end user is. It could be a file, or a developer who has full access to the database, using the software. So, unless you know the details, best you say "may be a vulnerability", and let the OP decide. :-)

10. preparedstatement with two tables