PreparedStatement字符串拼接

这在里求JDBC中PreparedStatement的实现，我想不会是这样来拼接。

package com.dicmo.test;

import java.util.ArrayList;
import java.util.List;


public class PreparedStatement{
	private String sql;
	
	public String getSql() {
		return sql;
	}
	public void setSql(String sql) {
		this.sql = sql;
	}
	PreparedStatement(String sql){
		this.sql = sql;
	}
	public void setInt(int index,int value){
		List <Integer> indexList = new ArrayList<Integer>();
			char [] sqlArray = sql.toCharArray();
			for (int i=0;i<sqlArray.length;i++){
				if('?'==sqlArray[i]){
					indexList.add(i);
				}
			}
			sql = sql.substring(0,Integer.parseInt(indexList.get(index-1).toString()))
			+"?"+value+sql.substring(Integer.parseInt(indexList.get(index-1).toString())+1);
			System.out.println(sql);
	}
	
	public void setString(int index,String value){
		List <Integer> indexList = new ArrayList<Integer>();
		char [] sqlArray = sql.toCharArray();
		for (int i=0;i<sqlArray.length;i++){
			if('?'==sqlArray[i]){
				indexList.add(i);
			}
		}
//这里使用?继续做占位符，保持参数的位置不变
//在最后面把?全替换掉
			sql = sql.substring(0,Integer.parseInt(indexList.get(index-1).toString()))
			+"?\'"+value+"\'"+sql.substring(Integer.parseInt(indexList.get(index-1).toString())+1);
	}
	
	public String makeNewSql(String sql){
		char [] a = sql.toCharArray();
		for(int i=0;i<a.length;i++){
			if('?'==a[i]){
				a[i]=' ';
			}
		}
		String newSQL = new String(a).replaceAll("  "," ");
		return  newSQL;
	}
	public static void main(String [] args){
		String sql ="SELECT * FROM user WHERE id = ? AND name = ? AND sex = ? And age = ? AND title = ?";
		PreparedStatement ps = new PreparedStatement(sql);
//这里的setXXX可以是任意顺序。前面的?占位符起了作用。
//如:ps.SetXXX(2,xxx);
//   ps.SetXXX(1,xxx);

		ps.setInt( 1, 2);
		ps.setString( 2, "dicmo");
		ps.setString( 3, "男");
		ps.setInt(4, 10);
		ps.setString(5, "JAVA fan");
		System.out.println(ps.makeNewSql(ps.getSql()));
	}
	
}

?替换处理前:

SELECT * FROM user WHERE id = ?2 AND name = ?'dicmo' AND sex = ?'男' AND age = ?10 AND title = ?'JAVA fan'

?替换处理后:

SELECT * FROM user WHERE id = 2 AND name = 'dicmo' AND sex = '男' AND age = 10 AND title = 'JAVA fan'