如何将 ArrayList 绑定到 Oracle 中的 PreparedStatement? [英] How do I bind an ArrayList to a PreparedStatement in Oracle?
问题描述
我想知道是否有办法将 ArrayList(或任何类型的 List,就此而言)绑定到最终将用于访问 Oracle 数据库的 PreparedStatement.我发现:
I was wondering if there was a way to bind an ArrayList (or any kind of List, for that matter) to a PreparedStatement which will eventually be used to access an Oracle database. I found:
这似乎与我的问题相似,但这个问题更具体:我想将 ArrayList 绑定到要在 Oracle 中使用的 PreparedStatement,如果可能,这是如何完成的?
And that seems similar to my issue, but this question is more specific: I'd like to bind an ArrayList to a PreparedStatement to be used in Oracle, if it is possible, how is this accomplished?
推荐答案
不能将 List 绑定到准备好的语句中的单个参数.
You can't bind a List to a single parameter in a prepared statement.
为列表中的每个元素生成带有参数标记的 SQL,例如:
Generate SQL with the a parameter marker for each element in the list, for example:
SELECT NAME FROM ITEM WHERE ID IN (?, ?, ?, ?)
即使您将为每个查询生成一个新语句,我仍然建议使用 PreparedStatement.如果您的列表包含 String 实例,您将获得必要的转义以防止 SQL 注入.
Even though you'll generate a new statement for each query, I'd still recommend using a PreparedStatement. If your list contains String instances, you'll get the necessary escaping to protect from SQL injection.
但即使它是一个安全类型,比如 Integer 对象,一些驱动程序或中间件可以缓存 PreparedStatements,并在请求相同的表单时返回缓存的实例.当然,一些测试是必要的.如果您的列表大小差异很大,您将有许多不同的语句,而一个实施不佳的缓存可能无法处理这么多.
But even if it's a safe type, like Integer objects, some drivers or middleware can cache PreparedStatements, and return a cached instance if the same form is requested. Of course, some testing would be necessary. If your lists vary widely in size, you'll have many different statements, and a poorly-implemented cache might not be prepared to handle so many.
这篇关于如何将 ArrayList 绑定到 Oracle 中的 PreparedStatement?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
