I was wondering if using PreparedStatement.setString() was a good idea (possible, sensible?) to dynamically

Question

0

Asked: June 17, 20262026-06-17T12:26:47+00:00 2026-06-17T12:26:47+00:00

I was wondering if using PreparedStatement.setString() was a good idea (possible, sensible?) to dynamically

0

I was wondering if using PreparedStatement.setString() was a good idea (possible, sensible?) to dynamically build a query.

For example :

sql code:

SELECT * FROM table1 WHERE table1.category = ? ?

java code:

ps.setString(1,"category1");
ps.setString(2,"AND table1.category = 'category2'");

Also, would it be possible to do something like:

ps.setString(1,"category1");
ps.setString(2," AND table1.category = ?");
ps.setString(3,"category2");

Best regards

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-17T12:26:47+00:00

Editorial Team

2026-06-17T12:26:47+00:00Added an answer on June 17, 2026 at 12:26 pm

Unfortunately, NO.

PreparedStatements are strictly for values only. Table Names and Column Names (as well as conditions in your example) are not allowed. So the best way to do is to concatenate it with the string.

String others = " AND table1.category = ?";
String query = "SELECT * FROM table1 WHERE table1.category = ? " + others;

java code:

ps.setString(1,"category1");
ps.setString(2,"category2");

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I was wondering if using PreparedStatement.setString() was a good idea (possible, sensible?) to dynamically

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply