JDBC offers several ways to execute sql queries like Statement, PreparedStatement and CallableStatement.PreparedStatment offers several benefits one of them is prevention from SQL injection which is must in any secure Java application. read full post on Why you should use PreparedStatement in Java