Quoting Thomas Eibner (thomas at stderr.net): > So most of the query gets cached and you gain the benefit of not needing > to quote the input from the user since that automatically happens by the > binding of the placeholders. > > Does something similar exist in Java? It's called the prepareStatement() and it works just like the perl stuff. As I posted previous, most modern servlet containers even cache queries for you (don't ask me how it works :-). PreparedStatement pstmt = con.prepareStatement("UPDATE EMPLOYEES SET SALARY = ? WHERE ID = ?"); pstmt.setBigDecimal(1, 153833.00) pstmt.setInt(2, 110592) -- Minneapolis St. Paul Twin Cities MN | Phone : (952)943-8700 http://www.mn-linux.org Minnesota Linux | Fax : (952)943-8500 Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9