I'm using the JdbCTemplate method
to return a List of objects from a MySQL database. I'd like to pass a set of strings to the query a.k.a.
query(String sql, Object args, RowMapper rowMapper)
but can't find anything about how to do this with Spring. The list of strings is provided at runtime based on selections from a user, so there's no knowing how many variables will be in this list.
SELECT * FROM myTable WHERE item IN ('one','two','three'...etc)
My only solution so far is to build the query in a string buffer and manually inject the search parameters, but it means I'll have to manually trap SQL injections and just doesn't look very nice!
Is it possible to replace the list with a ? and bind the value(s) at runtime? Any help or pointers much appreciated!