-
#
It takes the incoming value as a string, eg:,select id,name,age from student where id =#{id}
when the current end passes the id value of 1 to the background, it is equivalent toselect id,name,age from student where id ='1'
. -
$
The incoming data is displayed directly generated sql statement, EG:select id,name,age from student where id =${id}
, end the current id value of 1, passed back to the time equivalentselect id,name,age from student where id = 1
. -
Use
#
can be很大程度
on防止sql注入
. (Concatenation of sentences) -
But if it is used in
order by
, it needs to be used$
. -
It is often used in most cases
#
, but must be used in different situations$
.
I think that #
with the {}
incoming value, when sql parses, the parameter is not quoted.
- A: Understanding
mybatis
of$
the#
在mybatis中的$与#都是在sql中动态的传入参数。
eg:select id,name,age from student where name=#{name} 这个name是动态的,可变的。当你传入什么样的值,就会根据你传入的值执行sql语句。
- Two: use
$
and#
#{}
: Resolves to a JDBC prepared statement (prepared statement) parameter markers, one#{ }
is interpreted as a参数占位符
.${}
: Just for one纯碎的 string 替换
,动态 SQL 解析阶段
will be carried out变量替换
.
eg: name–>cy
-- name='cy' select id,name,age from student where name=#{name} -- name=cy select id,name,age from student where name=${name}
————————————————
Original link: https://blog.csdn.net/hao65103940/article/details/79099159