commons-lang utility class StringEscapeUtils

Apache commons-lang (version 2.3 and above) provides a utility class, StringEscapeUtils, for escaping strings, mainly as a defence against SQL injection and XSS attacks. It offers the following methods:
1. escapeSql escapes a string for use in SQL, to defend against SQL injection such as the classic universal-password payload `' or 1=1 '`

// Build the query, escaping the keyword before it is concatenated into the LIKE clause
StringBuffer sql = new StringBuffer("select key_sn,remark,create_date from tb_selogon_key where 1=1 ");
if(!CommUtil.isEmpty(keyWord)){
    sql.append(" and like '%" + StringEscapeUtils.escapeSql(keyWord) + "%'");
}
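The following is an added example, not code from the original post, showing what escapeSql does with the universal-password payload named above and why a bound parameter is the stronger defence: in commons-lang 2.x escapeSql only doubles single quotes, it does not touch the LIKE wildcards `%` and `_`, and the method no longer exists in commons-lang3. The column name `remark`, the helper `escapeLikeWildcards`, the `!` escape character and the `Connection` argument are assumptions of this example.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import org.apache.commons.lang.StringEscapeUtils;

public class SqlEscapeDemo {

    // Same construction as the snippet above. escapeSql only doubles single
    // quotes, so a quote that would close the literal becomes data instead.
    // The column name "remark" is an assumption; the snippet above omits it.
    static String buildQueryByEscaping(String keyWord) {
        StringBuilder sql = new StringBuilder(
            "select key_sn,remark,create_date from tb_selogon_key where 1=1 ");
        if (keyWord != null && keyWord.length() > 0) {
            sql.append(" and remark like '%")
               .append(StringEscapeUtils.escapeSql(keyWord))
               .append("%'");
        }
        return sql.toString();
    }

    // escapeSql leaves LIKE wildcards alone, so a "%" or "_" in the keyword
    // still widens the match. Escape them explicitly (here with '!').
    static String escapeLikeWildcards(String s) {
        return s.replace("!", "!!").replace("%", "!%").replace("_", "!_");
    }

    // Preferred form: the keyword is bound as a parameter and never becomes
    // SQL text, so no database quoting rule has to be reproduced in Java.
    static PreparedStatement prepareSearch(Connection conn, String keyWord)
            throws SQLException {
        if (keyWord == null || keyWord.length() == 0) {
            return conn.prepareStatement(
                "select key_sn,remark,create_date from tb_selogon_key");
        }
        PreparedStatement ps = conn.prepareStatement(
            "select key_sn,remark,create_date from tb_selogon_key "
          + "where remark like ? escape '!'");
        ps.setString(1, "%" + escapeLikeWildcards(keyWord) + "%");
        return ps;
    }

    public static void main(String[] args) {
        String universalPassword = "' or 1=1 '";   // the payload named on the page
        // The doubled quotes keep the whole payload inside the string literal.
        System.out.println(StringEscapeUtils.escapeSql(universalPassword));
        System.out.println(buildQueryByEscaping(universalPassword));
        // The percent sign passes through escapeSql unchanged.
        System.out.println(buildQueryByEscaping("50%"));
    }
}
```

Compile against commons-lang 2.x; `prepareSearch` needs a JDBC `Connection` from whatever driver the application uses, the other methods run without a database.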

2. escapeHtml / unescapeHtml escape and unescape HTML markup

System.out.println(StringEscapeUtils.escapeHtml("<a>dddd</a>"));
Output: &lt;a&gt;dddd&lt;/a&gt;

System.out.println(StringEscapeUtils.unescapeHtml("&lt;a&gt;dddd&lt;/a&gt;"));
Output: <a>dddd</a>

3. escapeJavaScript / unescapeJavaScript escape and unescape JavaScript strings

System.out.println(StringEscapeUtils.escapeJavaScript("<script>alert('1111')</script>"));
Output: &lt;script&gt;alert('1111')&lt;/script&gt;

4. escapeJava / unescapeJava convert non-ASCII characters to Unicode escapes (\uXXXX) and back

System.out.println(StringEscapeUtils.escapeJava("中国"));
Output: the string after escaping with escapeJava is: \u4E2D\u56FD\u5171\u4EA7\u515A
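The following is an added example, not code from the original post, that puts methods 2 to 4 into the output contexts they are meant for and checks that each escape is reversed by its unescape. Two points worth knowing when choosing between them: escapeHtml in commons-lang 2.x encodes `<`, `>`, `&` and `"` but not the single quote, so attribute values it protects must be double-quoted; and escapeJavaScript does not HTML-encode at all, it backslash-escapes `'`, `"`, `\` and `/` and writes control and non-ASCII characters as `\uXXXX`, which is what keeps a value from closing a JS string literal or ending an inline `<script>` block early. The class and method names are this example's own.

```java
import org.apache.commons.lang.StringEscapeUtils;

public class EscapeContextsDemo {

    // Untrusted text going into HTML element content or a double-quoted
    // attribute. escapeHtml (commons-lang 2.x) encodes < > & " and named
    // entities but NOT the single quote, so the attribute must use double quotes.
    static String htmlFragment(String untrusted) {
        String safe = StringEscapeUtils.escapeHtml(untrusted);
        return "<span title=\"" + safe + "\">" + safe + "</span>";
    }

    // Untrusted text going into a JavaScript string literal inside an inline
    // script. escapeJavaScript backslash-escapes ' " \ and / (and writes control
    // and non-ASCII characters as \uXXXX); it does not HTML-encode. The escaped
    // quote cannot close the literal and an escaped "</script>" cannot end the block.
    static String inlineScript(String untrusted) {
        return "<script>var label = '" + StringEscapeUtils.escapeJavaScript(untrusted) + "';</script>";
    }

    // Non-ASCII text that must survive an ASCII-only carrier such as a
    // .properties file: escapeJava rewrites each such character as \uXXXX.
    static String asAsciiJavaLiteral(String text) {
        return StringEscapeUtils.escapeJava(text);
    }

    static boolean isAsciiOnly(String s) {
        for (int i = 0; i < s.length(); i++) {
            if (s.charAt(i) > 0x7F) {
                return false;
            }
        }
        return true;
    }

    // Each escape is paired with its unescape; a value that round-trips was
    // transformed rather than truncated or corrupted.
    static boolean roundTrips(String s) {
        return s.equals(StringEscapeUtils.unescapeHtml(StringEscapeUtils.escapeHtml(s)))
            && s.equals(StringEscapeUtils.unescapeJavaScript(StringEscapeUtils.escapeJavaScript(s)))
            && s.equals(StringEscapeUtils.unescapeJava(StringEscapeUtils.escapeJava(s)));
    }

    public static void main(String[] args) {
        String payload = "<script>alert('1111')</script>"; // sample input from the page
        String chinese = "中国";                              // sample input from the page

        System.out.println(htmlFragment(payload));
        System.out.println(inlineScript(payload));
        System.out.println(asAsciiJavaLiteral(chinese));
        System.out.println(isAsciiOnly(asAsciiJavaLiteral(chinese)));
        System.out.println(roundTrips(payload) && roundTrips(chinese));
    }
}
```

Run it with commons-lang 2.x on the classpath; the last line prints whether every escape/unescape pair restored the original input for both sample values.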
