/**
 * Prints the {@code name} column of every {@code users} row whose {@code id} is in 0..19.
 *
 * <p>The SQL text is assembled only from constant fragments and {@code ?} markers. The id
 * values are supplied separately through {@link PreparedStatement#setInt}, so no value is
 * ever concatenated into the statement. Any {@link SQLException} is caught here and its
 * stack trace printed; nothing is rethrown to the caller.
 */
public void foo() {
    // One count drives both the marker list and the binding loop, so they cannot drift apart.
    final int idCount = 20;

    // Produces "?,?,...,?" with exactly idCount markers.
    StringBuilder placeholders = new StringBuilder();
    for (int n = 0; n < idCount; n++) {
        placeholders.append(n == 0 ? "?" : ",?");
    }
    String sql = "SELECT name FROM users WHERE id IN (" + placeholders + ")";

    // "your-database-url" is the sample's stand-in for a real JDBC URL.
    try (Connection connection = DriverManager.getConnection("your-database-url");
         PreparedStatement statement = connection.prepareStatement(sql)) {
        // JDBC parameter indexes start at 1, hence value + 1.
        for (int value = 0; value < idCount; value++) {
            statement.setInt(value + 1, value);
        }
        // compliant: the query runs only after every marker has been bound
        try (ResultSet rows = statement.executeQuery()) {
            while (rows.next()) {
                System.out.println(rows.getString("name"));
            }
        }
    } catch (SQLException e) {
        e.printStackTrace();
    }
}