Passing parameters to a JDBC PreparedStatement

Question

I\'m trying to make my validation class for my program. I already establish the connection to the MySQL database and I already inserted rows into the table. The table consis

Answer 1

Do something like this, which also prevents SQL injection attacks

statement = con.prepareStatement("SELECT * from employee WHERE  userID = ?");
statement.setString(1, userID);
ResultSet rs = statement.executeQuery();