jdbc中解决sql注入的问题

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

//prepareStatement解决sql注入问题
public class JDBCdemo8 {
    public static void main(String[] args) {
        if (NewLogin("郭奉孝",38)){
            System.out.println("登录成功");
        }else{
            System.out.println("登录失败");
        }
    }

    public static boolean NewLogin(String name, int age){
        if (name == null || age == 0){
            return false;
        }
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            connection = JDBCUntils.getConnection();
            String sql = "select * from student where name = ? and age = ?";
            preparedStatement = connection.prepareStatement(sql);
            preparedStatement.setString(1,name);
            preparedStatement.setInt(2,age);
            resultSet = preparedStatement.executeQuery();
            return resultSet.next();
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }finally {
            JDBCUntils.close(connection,preparedStatement,resultSet);
        }
        return false;
    }
}