The thing I find even stranger is that it's pretty simple to write an equivalent for StringBuffer that has different methods for appending SQL text and constants, and automatically handles formatting for PreparedStatements. So:
SQLBuffer buffer = new SQLBuffer(); buffer.append("select * from user_acct where username = "). add(username).append(" and password = "). add(password); PreparedStatement stmt = connection.prepareStatement(buffer.getSQL()); buffer.fill(stmt); stmt.executeQuery();
That way, you don't have to worry about getting the variables mixed up, or dealing with the fact that you can't really trust the database driver to handle a java.util.Date.
The example you gave isn't as compact in this form, but that difference goes away if you've got queries where some clause is optional.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds