Preventing SQL injection without prepared statements (JDBC)

Question

I have a database log appender that inserts a variable number of log lines into the database every once in a while.

I\'d like to create an SQL statement in a way tha

Answer 1

Not sure if I understand your question correctly. Is there something in PreparedStatement that isn't fitting your needs?

I think that whether or not the statement is cached on the server side is an implementation detail of the database driver and the specific database you're using; if your query/statement changes over time than this should have no impact - the cached/compiled statements simply won't be used.