Is JDBC secure?

Question

I am new to JDBC, and the new project require me to use JDBC. What I want to know is,

is the JDBC secure?

How to prevent \"Mysql Injection\"-like problem?<

Answer 1

Use prepared statements. For a hypothetical login you might use this, for example:

PreparedStatement stmt = conn.prepareStatement("SELECT * FROM member WHERE member_username = ? AND member_password = ?");
stmt.setString(1, username);
stmt.setString(2, password);
stmt.execute();

ResultSet rs = stmt.getResultSet();
// ...

This will completely shield you from SQL Injection vulnerabilities.