I’ve been always using PreparedStatement in JDBC query operations for two main reasons:
- it manages for you all data translations between types
- it automatically calculates the best query path to recover your data
Unfortunately there’s a little canvas you should know about: we know, like is evil, but when you use like in a query using a PreparedStatement, data path is calculated before having information about what you would like, so resulting query is very unoptimized! In such cases you should proceed handling like parameters with string composition/substitution, before creating PreparedStatement object.
That’s not a JDBC or database fault, it’s just how things work. But you should be aware of it…