如何使用Java在PostgreSQL中安全地转义SQL的任意字符串

I have a special case requiring that I generate part of a SQL WHERE clause from user supplied input values. I want to prevent any sort of SQL Injection vulnerability. I've come up with the following code: requiring that I generate