28

I would like to know if we can reuse the same Statement object for executing more than one query. Or, should we create a new statement for different queries.

For example,

Connection con = getDBConnection();
Statement st1 = con.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_READ_ONLY);
int i = st1.executeUpdate("update tbl_domu set domU_status=1 where domU_id=" + dom_U_id);
Statement st2 = con.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_READ_ONLY);
String date = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(Calendar.getInstance().getTime());
int j = st2.executeUpdate("insert into tbl_domU_action_history values('" + dom_U_name + "', 1, '" + date + "')");

In the above case, is there any harm in using the same statement st1 for both the executeUpdate() queries? Can I use the same Statement object st1 for another executeQuery()?

Improve this question

5 Answers 5

Reset to default
23

I came across the response I was looking for in the Javadoc for Statement:

By default, only one ResultSet object per Statement object can be open at the same time. Therefore, if the reading of one ResultSet object is interleaved with the reading of another, each must have been generated by different Statement objects. All execution methods in the Statement interface implicitly close a current ResultSet object of the statement if an open one exists.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

It don't see how this answers the question : should we call the close() method on the Statement ?
@PhilippeGirolami The Question is about reusing a Statement object, not about closing. So this Answer directly addresses the Question, with Javadoc explaining that a Statement can indeed be used again to produce another ResultSet but only one ResultSet at a time is usable.
17

Yes, you can. However, it is very much better to use PreparedStatement to avoid SQL injection vulnerabilities.

Improve this answer

Comments

2

The original point of using prepared statements was to avoid having the database parse and recompile the statement, so it's supposed to be faster.

I had not considered the SQL injection vulnerabilities use, but I'm not sure what, if any data checking is done. I suspect that it's driver-dependant, as the driver implementation is free to just glue the statements together. If anyone has further details, please post.

Improve this answer

3 Comments

It appears that the JDBC spec does not require correct handling of special characters. I'd like to hear about any drivers that do not so they can be avoided.
Steve, the idea re: SQL injection is that using parameterized statements avoids the risk. See en.wikipedia.org/wiki/SQL_injection#Preventing_SQL_Injection. Of course you are right that their original purpose was to avoid unnecessary parsing.
Yes, however as the drivers merely implement the JDBC interface(s) it's unclear to what extent this is actually happening, and it's totally dependent on the driver implementors. I was hoping someone would have more specific knowledge based on having had to deal with this issue in the past.
1

I am not sure that the result sets get garbage collected if only they are only closed. I think I had a cool memory leak when I was writing a connection pool so the same statement/connection was re-used a million times. Kept bringing down my JVM. I guess this could also be implementation specific as garabage collection of a closed result set may not be tested.

Improve this answer

Comments

0

Whenever you assign something to a reference type, you're replacing the old reference with a new one.

For example...

MyObject obj = new MyObject("foo");
obj = new MyObject("bar");

Would have a now non-referenced instance of MyObject with some property set to "foo" that will eventually be garbage collected.

obj stores a reference to a MyObject with some property set to "bar".

Improve this answer

1 Comment

This is not quite what he is doing. He is asking if he can reuse the same instance, not just the same reference

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.