Statement vs Prepared Statement

• Statement vs Prepared Statement 

A prepared statement performs the following checks:

    Makes sure that the tables and columns exist
    Makes sure that the parameter types match their columns
    Parses the SQL to make sure that the syntax is correct
    Compiles and caches the compiled SQL so it can be re-executed without repeating these steps


http://stackoverflow.com/questions/8959036/statement-vs-prepared-statement-in-terms-of-precompilation

• The prepared statement concept is not specific to Java, it is a database concept. Statement precompiling means: when you execute a SQL query, database server will prepare a execution plan before executing the actual query, this execution plan will be cached at database server for further execution.

The advantages of Prepared Statements are:

    As the execution plan get cached, performance will be better.
    It is a good way to code against SQL Injection as escapes the input values.
    When it comes to a Statement with no unbound variables, the database is free to optimize to its full extent. The individual query will be faster, but the down side is that you need to do the database compilation all the time, and this is worse than the benefit of the faster query.

http://webmoli.com/2008/10/23/back-to-basics-statement-vs-prepared-statement/