PrepareStatement的两个executeQuery语句

PrepareStatement有两种executeQuery方法，一种是带参的，一种是不带参的。

带参的executeQuery：

ResultSet executeQuery(String sql)
                       throws SQLException

Executes the given SQL statement, which returns a single ResultSet object.

Note:This method cannot be called on a PreparedStatement or CallableStatement.

Parameters:

sql - an SQL statement to be sent to the database, typically a static SQL SELECT statement

Returns:

a ResultSet object that contains the data produced by the given query; never null

Throws:

SQLException - if a database access error occurs, this method is called on a closed Statement, the given SQL statement produces anything other than a single ResultSet object, the method is called on a PreparedStatement or CallableStatement

SQLTimeoutException - when the driver has determined that the timeout value that was specified by the setQueryTimeout method has been exceeded and has at least attempted to cancel the currently running Statement

也就是说如果使用executeQuery(sql)这个方法的话，参数中的sql语句必须是静态的。也就是不能有“？”在语句中进行参数替换。

不带参的executeQuery：

ResultSet executeQuery()
                       throws SQLException

Executes the SQL query in this PreparedStatement object and returns the ResultSet object generated by the query.

Returns:

a ResultSet object that contains the data produced by the query; never null

Throws:

SQLException - if a database access error occurs; this method is called on a closed PreparedStatement or the SQL statement does not return a ResultSet object

SQLTimeoutException - when the driver has determined that the timeout value that was specified by the setQueryTimeout method has been exceeded and has at least attempted to cancel the currently running Statement