Need help with parsing sql in java

Question

I have the below code that splits the sql statement and give its indices for the columns.

String sql = "INSERT INTO Table1(SSN, EMPID) VALUES (?,?)";

    public static List<Object[]> indices(String stmt) {
        List<Object[]> list = new ArrayList<Object[]>();
        String variables[] = null;
        try {
            variables = stmt.substring(stmt.indexOf('(')+1, 
                stmt.indexOf(')', stmt.indexOf('(')+1)).split("\\,");
        } catch (Exception e) {}

        for (int i=0; i < variables.length; ++i ) {
            Object [] str =  new Object [2] ;
            str[0] = variables[i].trim() ;
            str[1] = ((Integer)(i+1)) ;
            list.add(str) ;
        }
        return list;
    }

Result - 

list[0] >>

array[0] = SSN
array[1] = 1

list [1] >>
array[0] = EMPID
array[1] = 2

Can some one point me with appropriate regular expression to split the following sql instead -

sql = "if not exists (select * from Table1 where SSN = ? and EMPID =?)  
      INSERT INTO Table1(SSN, EMPID) VALUES (?,?)"

I guess the output would be something like -

list[0] >>
array[0] = SSN
array[1] = 1

list [1] >>
array[0] = EMPID
array[1] = 2

list[2] >>
array[0] = SSN
array[1] = 1

list [3] >>
array[0] = EMPID
array[1] = 2

Thank You

Answer 1

Attempting to parse non-trivial languages like SQL using regexes or other low-level string bashing is a BAD IDEA. You end up with unreadable code and a fragile "parser" that breaks when supplied with input that is invalid or valid-but-different.

You either need to implement a proper SQL parser (or use an existing one), or change your code so that you are not parsing SQL but assembling it from something else.

I have an application depending on a framework and don't want to introduce new libraries!

That is a bad reason for not doing proper parsing. What is wrong with not using another library???