PreparedStatement

http://forum.java.sun.com/thread.jsp?forum=48&thread=538747&tstart=0&trange=15 A prepared statement gets compiled by the database during the first execution. Most databases have a query cache, and the query will stay there for a while. So, the next invocation of the statement won't need to be recompiled by the database (if it still is in the cache). That will speed things up. The best reasons for using PreparedStatements are these: (1) Executing the same query multiple times in loop, binding different parameter values each time, and (2) Using the setDate()/setString() methods to escape dates and strings properly, in a database-independent way. (3) SQL injection attacks on a system are virtually impossible when using Prepared Statements. I have read the statement has less initial overhead so its better for a one time call - for instance to get some information to populate a combo box. PreparedStatement has more initial overhead but it is dramatically reduced on subsequent calls because its precompiled at the DB so it would be used when you need to execute the same statement repeatedly with different parameters. I don't worry about the performance hit until it becomes a problem. Network latency is usually the bigger problem, and that has to do with the way queries are done rather the Statement vs PreparedStatement.