On 9/1/07, RaghavendraK 70574 <[EMAIL PROTECTED]> wrote: > I want to know why > prepareStatement: select * from xxx where IN (?); > stmt.bind("abc,xyz,123"); is not supported for multiple > values.
It's not supported because it doesn't make sense. The parametric binding mechanism is for single values; it's not a macro-like text replacement system. With your syntax, how do I bind a set of integers? Strings? Blobs? One common use for parametric binding (besides convenience) is to avoid SQL injection attacks. The example you posted doesn't do that; you have to manually escape each individual value to make sure it's valid syntax for the IN() group in text form. Why even use parameters in that case? It's the same amount of work whether you build the entire SQL statement or not. All common databases I'm aware of work exactly the same way. ----------------------------------------------------------------------------- To unsubscribe, send email to [EMAIL PROTECTED] -----------------------------------------------------------------------------