7

I was going through differences between Statement and PreparedStatement in JDBC and saw so many advantages here and here with PreparedStatement in comparison with Statement.

Some of my colleague was asking why we still need Statement and why it is not deprecated looking at the advantages of PreparedStatement.

So is there any reason why we still have the Statement in JDBC API?

Community
  • 1
  • 1
learner
  • 6,062
  • 14
  • 79
  • 139
  • 3
    queries without parameters which should be executed ones – Iłya Bursov Aug 02 '15 at 05:16
  • 3
    `PreparedStatement` is an implementation of the `Statement` interface. Your question is unclear... – Nir Alfasi Aug 02 '15 at 05:27
  • 1
    I always prefer to use prepared statements due to below advantages over statement. 1)PreparedStatement helps us in preventing SQL injection attacks because it automatically escapes the special characters. 2)PreparedStatement allows us to execute dynamic queries with parameter inputs. 3)PreparedStatement provides different types of setter methods to set the input parameters for the query. 4)PreparedStatement is faster than Statement. 5)PreparedStatement helps us in writing object Oriented code with setter methods 6)PreparedStatement returns FORWARD_ONLY ResultSet, – Ravindra babu Aug 02 '15 at 05:48
  • If you want to run your query with out variables and run exactly once, statement may be useful but this advantage may last only for few milli seconds. The only advantage I have seen for statement is execution of dynamic SQL. Look for details about dynamic sql at http://docs.oracle.com/cd/B10501_01/appdev.920/a96590/adg09dyn.htm – Ravindra babu Aug 02 '15 at 05:59
  • @alfasin, yes but my question is if there are so many advantages of PreparedStatement over Statement then why we still have Statement interface? It should be treated as deprecated. – learner Aug 02 '15 at 06:33
  • Why? People still use statements without parameters. @alfasin They are both interfaces. – user207421 Aug 02 '15 at 07:10
  • PreparedStatement is a subinterface of Statement. I don't think you can deprecate an interface / class in favour of its subinterface / subclass that wouldn't make sense. – Rodney Aug 02 '15 at 12:09
  • @EJP you provided the only logical reason, you should post it as an answer! – Nir Alfasi Aug 02 '15 at 22:43

2 Answers2

2

PreparedStatement is used to handle the dynamic SQL queries, where Statement is used to handle static SQL queries.

Mischback
  • 843
  • 5
  • 18
ABHISHEK RANA
  • 333
  • 3
  • 7
0

So is there any reason why we still have the Statement in JDBC API?

Yes because it's in the SQL client-server API. If non-prepared statements were to be removed, then a feature of SQL would be missing from JDBC.

As alluded to in other answers, PreparedStatement has no advantages whatsoever if there are no dynamic parameters. For those cases it is slightly more concise to use a non-prepared statement.

Completely unrleated to those matters is the fact that PreparedStatement is a Suberinterface of Statement and so the latter cannot be removed without redesigning the API. That is more to do with the Java API though and not to do with SQL.

Rodney
  • 2,642
  • 1
  • 14
  • 15