I have to format a string such that it can be sent to the IN clause of SQL. String s = ('A','B').This string s shud be passed from java to sql.How can this be done
2
-
1You should know how to do it as you ask a lot of similar questions in the past.FrVaBe– FrVaBe2011-01-18 08:32:52 +00:00Commented Jan 18, 2011 at 8:32
-
Possible duplicate stackoverflow.com/questions/178479/…Tadeusz Kopec for Ukraine– Tadeusz Kopec for Ukraine2011-01-18 09:00:36 +00:00Commented Jan 18, 2011 at 9:00
Add a comment
|
2 Answers
I have come across this many times and to the best of my knowledge each element in the set needs to be a separate parameter:
String sql = "select * from customer where city in (?, ?, ?)";
PrepareStatement p = ..;
p.setString("Mumbai");
p.setString("Pune");
p.setString("Bangalore");
...
answered Jan 18, 2011 at 8:33
Miserable Variable
28.8k15 gold badges79 silver badges138 bronze badges
Comments
Simply create the SQL statement and append the string to it
String sql = "SELECT a FROM table WHERE a IN "+s;
Now you can create a SQL Statement from this string. A better way may be to use prepared statements...
2 Comments
Tadeusz Kopec for Ukraine
Avoid creating queries with concatenation. It's dangerous. en.wikipedia.org/wiki/SQL_injection
Miserable Variable
PreparedStatements and IN clauses don't play together very well.
