Need to redesign JDBCCategoryDataset class - add method execute(PreparedStatemet). In this version of class I move all result set processing logic from execute(Connection, String) to new private method - processResultSet(ResultSet). Next add required method execute(PreparedStatemet). Add constructor too.
New method should be use when query, from execute method, need parameters set by user. PreparedStatemet protect us from typically SQL injection attack - query string builded by hand.
- new version of class.
Log in to post a comment.