The difference between mysql # and $

Others 2020-03-23 17:40:45 views: null

The difference between the $ 1 and #

mybatis used ParameterType sql statement to pass parameters, when referring to these parameters in sql statement, there are two ways: #parameterName, $ parameterName.

The difference: Use #parameterName reference parameters of time, Mybatis will be passed as a parameter string, automatically add double quotes. $ ParameterName variable references, without any treatment, directly to the value in the splicing sql statement.

# Is a placeholder, $ splicing character.

2 How to prevent sql injection

Use # to prevent sql injection, $ injection attacks can not be avoided.

# Of reference parameters, mybatis will first of precompiled sql statement, and then reference value, can effectively prevent sql injection, to improve security. $ Parameters of reference, sql statement does not precompiled.

qq1225095213
Published 476 original articles · won praise 3 · views 20000 +
Private letter concerns

Guess you like

Origin blog.csdn.net/qq_37769323/article/details/105021462
Recommended
The United States plans to restrict the export of large AI models to China and Russia
Apple to reach agreement with OpenAI to bring ChatGPT to iPhone
Ranking
whisper-webui installation tutorial is silky and easy to use
[Base] Laravel concepts laravel basis, the custom service provider: Contracts, ServiceContainer, ServiceProvider, Facades relations
Import torchvision error problem solving DLL: module not found
observer & watch & notify = pub & sub
A small turntable program [HTML + CSS + JS]
CorelDRAW 2018 shortcuts Daquan
Supervise el botón de menú para lograr un gatillo de presión prolongada
JS将时间秒转换成天小时分钟秒的字符串
RIP basic configuration
[Deleted] solution to a problem a few questions (Noip1994)
Daily
More
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)

Code World

© 2018 codetd.com