creating comma seperated string to be given as input to sql “IN” clause

Question

I want a string to be given as input to the SQL \"IN\" clause,where in i want a list of strings separated by commas

Answer 1

You should use a PreparedStatement so your strings are escaped automatically if necessary and you will be protected from sql injection.

First, generate a statement with a marker for each element in the list. For example:

select id, name from users where name in (?, ?, ?)

Then loop over your list and set the values in the statement.

Take a look at this question for details:

What is the best approach using JDBC for parameterizing an IN clause?